Script to disconnect users
I have various users logged in as guests to a shared drive I have connected to my imac. I have carbon copy cloner auto shutdown at night after a back up but sometimes users are still connected and hence my mac gives a prompt saying that there are connected users which stops it from auto shutting down. Ayone know of a script I can have CCC run after the back up so that it disconnects all connected users so I can have my mac auto shutdown?
Hi,
Please refer tech note:
*Profile On User IDLE_TIME Set To 15 Minutes [ID 1061189.6]*
Regards,
X A H E E R
Similar Messages
-
MAXL problem for launching a script in order to disconnect users in a cube
Hello,
I would like to know how i can launch a maxl script in order to disconnect users who are connected on a cube. When i do this :
IEssDomain dom2 = ess.signOn(USER, PASSWORD, false, null, PROVIDER);
cv = dom2.openCubeView("EssaiBis", SERVEUR, APPNAME, CUBENAME);
IEssMaxlSession maxl = dom2.openMaxlSession("maxl", SERVEUR);
String strQuery = "alter application "+APPNAME+" unload database "+CUBENAME+";";
maxl.execute(strQuery);
maxl.close();
The APPNAME, the CUBENAME, the SERVEUR, the USER, the PASSWORDn and the PROVIDER (embedded) are OK. However, it jumps the commands which are under the : IEssMaxlSession maxl = dom2.openMaxlSession("maxl", SERVEUR);
So, the problem seems to be here.
Thanks you for your help.
VinouIt seems that it doesn't take the "+" in the script on the forum ^^
-
List processes of disconnected users
Here is a problem that I have. I work at a hospital. We have a certain application installed on a dozen Windows 7 machines. Doctors leave that application open and walk away from the machine. The machine eventually locks due to inactivity and another
doctor will come up and log on. They will attempt to launch the application but cannot open it because it's running in one of the other disconnected sessions. They have been instructed to log off the machines, but that is obviously to difficult
so I need to identify a different way to address the issue.
Could I get some assistance with a powershell script? What I would like to do is to have script that goes through the processes that are running under the disconnected users and kill the specific process for the application. I would like to set
that script up to run every 5 minutes or so under task scheduler. Is this possible?
I wanted to put a shortcut on the desktop of the machines that would kill the process, but the doctors are not administrators of the machines so I haven't been able to find a secure way of doing this. Applications like encrypted runas are not secure
so putting the credentials for an administrative user into a script are not secure.
RGSomething like this could work to logoff users who are in a disconnected state.
$Computername = 'Server1'
(quser /SERVER:$Computername) -replace '\s{2,}',',' | ForEach {
If (($_ -split ',').count -ne 6) {
$_.insert($_.IndexOf(','),',')
} Else {$_}
} | ConvertFrom-CSV | Where {
$_.State -eq 'Disc'
} | ForEach {
logoff /SERVER:$Computername /SessionID $_.Id
This uses quser to find current logon sessions and does a little parsing to find out what sessions are in a disconnected state and then proceeds to log the users out.
Boe Prox
Blog |
Twitter
PoshWSUS |
PoshPAIG | PoshChat |
PoshEventUI
PowerShell Deep Dives Book -
How to change the Default login script and the USER login script in Netware3.12
I need to cut down the disk map from Neware 3.12 in Win98 client's PC.
please tell me
how to change the Default login script and the USER login script in
Netware3.12 ?
Or is there any other ways to do this thing?
Thanks a lot!On 4/6/2006 [email protected] wrote:
> how to change the Default login script and the USER login script in
> Netware3.12 ?
Please repost in the discontinued.forums.
Edison Ortiz
Novell Product Support Forum SysOp
(No Email Support, Thanks !) -
Multiple disconnected users on the same laptop
Has any open come across the following requirement? I have a customer that is interested in 'sharing' laptops with multiple offline users with the ability to sync. Can we have multiple disconnected users on the same laptop? If so what would be the options? The challenge is how to manage multiple extracts on one MWC installation. I suspect that 'OOTB', we only support one extract per machine/installation of the MWC. We may be able to support multiples, but it would take some config/customization.
Please don't post the same question in different forums
Siebel Remote - Can multiple disconnected users be on the same laptop?
multiple disconnected users on the same laptop
Siebel Remote - Can multiple disconnected users be on the same laptop? -
I have a requirement where I have to give the list of users who can access a specific computer define in AD.
I am new with PS.
Do you have a script to list users that can access a computer object of AD ?
I have executed the following script but it does not give me the access rights of who can access the computer 'computername'
How can i have this information. please help
Import-Module activedirectory
$computer=get-adcomputer "computername" -properties ntSecurityDescriptor
$omputer.ntsecurityDescriptor.Access | select-object -expandproperty IdentityReference | sort-object -uniqueI would say that, since the OP has so little info, there are no policies in use. It there were then this question would never be asked the way it is being asked.
I had a client call with a letter from their insurance company; an accountant with malpractice insurance. THey asked the same question inmuch the same way. "What computer can you users access?" The question should be more like
"Do you have a policy that restricts access to computers and do you audit for compliance?"
I have had other clients whose insurance asked the question in that way. It produces a better view of what should be happening and how to show compliance.
I recommend that companies being asked these questions by their legal departments or insurance companies should contract with a god computer security consultant to assist with answering these very tricky questions. Of course if it is just you boss's
curiosity then you may need to discuss his requirements with him in more depth.
¯\_(ツ)_/¯ -
How can I handle disconnected user in Forte ?
Hi Forte user,
we would like to develop an application in Forte which support
disconnected user ( or site ). That mean every morning the disconnected user
( or site ) will dial up to server and synchronize the data. Have anyone out
there developing the similar application?
Should I synchronize the data with database function ( we have to support
different database such MS SQL ,Oracle ... access database ) or write an
application in Forte that can serialized the object itself ?
Any help welcome !
Kelvin
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/>First of all, I would like to thanks for your time and help.
What I am trying to do is very simple. Our company has MS SQL server as
central database. It stores all data for our agents. Each agents either
connect on-line or off-line. Besides, they are running our forte application
with their database ( may be sysbase, access .. database ).
For those agents that are off-line, we would like to extract the data
periodically and update the database in our company. Sometime, we may need
to send data back to our agents.
I have follow your suggestion to read the persisent Q manager. But I still
don't know how to start. What is the pitfall to implement persisent Q
manager?
By the way, if I want to keep the data in synch. Is it simply to have
persisent Q manager running at background. Everytime database object
insert/modify the database, I make an object serialized and put into the Q
manager waiting for sending serialized object to my company?
Kelvin.
To unsubscribe, email '[email protected]' with
'unsubscribe forte-users' as the body of the message.
Searchable thread archive <URL:http://pinehurst.sageit.com/listarchive/> -
What is better a shell script or a user exit?
Hi experts!
I need to change the owner of a file when I send it to XI sever.
I talk with the administrator of the system to change the owner with a shell script but he tell me that is better if I use a user exit. But my question is: What is better? The shell script or the user exit?hi,
>>>>I talk with the administrator of the system to change the owner with a shell script but he tell me that is better if I use a user exit
maybe because the admin does not do the user exits ?
you can do it with XI but you'll have to create it
via a proxy for example (as standard file adapter does
not support this)
on the other hand the file adapter supports invoking
system commands (so you can start a shell script)
I'm not directly answering your question
I'm just telling you what you'll have to do
to build your solution in both cases
Regards,
michal
<a href="/people/michal.krawczyk2/blog/2005/06/28/xipi-faq-frequently-asked-questions"><b>XI / PI FAQ - Frequently Asked Questions</b></a> -
AFP disconnects users, file opening problems, abnormal exits and bus errors
Hi all
Since a few weeks we have been having problems with AFP file sharing with OS X Server 10.5.5 (Simple config)
Several times a day the server stops responding to save commands (especially with Adobe software) or abruptly disconnects users. The console error most frequently associated with these crashes is:
"com.apple.launchd[1] (com.apple.AppleFileServer[3674]) Exited abnormally: Bus error"
sometimes starting server preferences we get the following error (roughly translated from French):
An Error has occured on the server while executing a command.
the error "CANNOTFSGETVOLINFOERR" occured while executing a command of type "getVolumeList" in the module "servermgr_filebrowser"
I'm past hoping for a quick fix but any pointers or ideas of what to look for would be greatly appreciated.
Robin LambellI just want to make sure I have the steps clear.
disable the automounts in 'Filesharing' in Server Admin
I disable the automounts in the File Sharing tab of Server Admin by clicking on each share point and clicking the Unshare button.
then remove the sharepoints
How? Isn't that automatic? I chose to unshare a share point and it disappeared from the list. Is that enough?
Then in Terminal.app do:
sudo rm /private/var/etc/AFP.conf
Then:
sudo rm /Library/Preferences/com.apple.AppleFileServer.plist
Then in Server Admin, restore the sharepoints back and automounts. Then restart the AFP service.
I restore the share points by manually choosing to share each of them again? I'll have to redefine each one, won't I?
Thanks for the help. I haven't done this before and I want to make sure I'm doing it right. -
I get requests from my client in the form of spreadsheet asking me to disconnect users that are logged in for more than 1 hour.I know there are maxL statements to disconnect all users. I am looking at 10-20 users at a time.
Is there a statement as I would like to put this in excel and automate it instead of going over the process through EAS.its take a lot of time and hurts my fingers.Hi rtk & 833738,
Cameron and Glenn both make good points, and I think you should consider the KISS (Keep It Simple) route to an effective solution.
To me it sounds like your cubes are getting excessively fragmented (typical during a heavy planning cycle). Are you doing nightly maintenance such as export-clear-load of your data to help control this? Additionally, a good review of your tuning, optimization, and settings in essbase may reveal some areas that can be improved on. Finally, I think you may need to review your hardware requirements. Hardware, faster disks, more memory etc, can have a significant positive impact on performance and stability with relatively very low cost, and short implementation time.
If you still feel you need a utility to suit your unique requirements, this can certainly be created in fairly short order. Contact me at my email address and I can help you out with this. Also, consider Accelatis; a tool that can help manage this and more.
Robb Salzmann -
Is there a way to disconnect users from a single database without logging off all users from the server?
You can do it at the Application level, since you usually have one db to one app it should be fine.<BR><BR>alter system logout session on application 'Sample';
-
Modify Script to Create User Role on Single Database.
Hi All,
Below is the script to create user role on database. Here problem is when I execute this script, it creates user role for all database within an instance and I want it to create user role only on 2 database say TEST1 and TEST2
Can anyone help me to modify the script?
--===================================================================================
-- Description
-- Database Type: MSSQL
-- This script creates a role called 'gdmmonitor' for ALL databases.
-- It grants some system catalogs to this role to allow Classification and Assessment on the database.
-- It then adds a user called "sqlguard" to all databases and grants this user gdmmonitor role.
-- before runnign this script
-- you MUST CREATE A SQL LOGIN CALLED 'sqlguard'
-- This sqlguard login doesn't need to be added to any database or given
-- any privilege. The script will take care of that.
-- Note:
-- If you wish to use a different login name (instead of 'sqlguard') you need to change
-- the value of the variable '@Guardium_user' in the script below;
-- (Look for the string: "set @Guardium_user = 'sqlguard'" and replace the 'sqlguard')
-- after runnign this script
-- Nothing to do, the script already creates the db user
-- User/Password to use
-- User: sqlguard (or any other name, if changed)
-- Pass: user defined
-- Role: gdmmonitor
--===================================================================================
PRINT '>>>==================================================================>>>'
PRINT '>>> Creating role: "gdmmonitor" at the server level.'
PRINT '>>>==================================================================>>>'
-- Change to the master database
USE master
-- *** If a different login name is desired, define it here. ***
DECLARE @Guardium_user AS varchar(50)
set @Guardium_user = 'sqlguard'
DECLARE @dbName AS varchar(256)
DECLARE @memberName AS varchar(256)
DECLARE @dbVer AS nvarchar(128)
SET @dbVer = CAST(serverproperty('ProductVersion') AS nvarchar)
SET @dbVer = SUBSTRING(@dbVer, 1, CHARINDEX('.', @dbVer) - 1)
IF (@dbVer = '8') SET @dbVer = '2000'
ELSE IF (@dbVer = '9') SET @dbVer = '2005'
ELSE IF (@dbVer = '10') SET @dbVer = '2008'
ELSE IF (@dbVer = '11') SET @dbVer = '2012'
ELSE SET @dbVer = '''Unsupported Version'''
IF (@dbVer != '2000')
BEGIN
-- This privilege is required to peform a specific MSSQL test.
-- Test name: SQL OLEDB disabled (DisallowAdhocAccess registry key)
-- Procedure execute: EXEC master.dbo.sp_MSset_oledb_prop
-- Purpose: To display provider property, not changing anything.
PRINT '==> Granting MSSSQL 2005 and above setupadmin server role'
EXEC master..sp_addsrvrolemember @loginame = @Guardium_user, @rolename = N'setupadmin'
END
SELECT @dbName = DB_NAME()
PRINT '==> Starting MSSql ' + @dbVer + ' role creation on database: ' + @dbName
-- find any members of the role if they exist
CREATE TABLE #rolemember (membername VARCHAR(256) NOT NULL)
INSERT INTO #rolemember
SELECT DISTINCT usr.name FROM dbo.sysusers usr, .dbo.sysmembers mbr
WHERE usr.uid = mbr.memberuid
AND mbr.groupuid = (SELECT uid FROM .dbo.sysusers WHERE name = 'gdmmonitor')
-- Drop the Role Members If they exist
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Dropping the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Dropping member: ''' + @memberName + ''''
exec('EXEC sp_droprolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the role if it exists
IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = 'gdmmonitor')
BEGIN
PRINT '==> Dropping the role gdmmonitor on: ' + @dbName
exec sp_droprole 'gdmmonitor'
END
-- Create the role
PRINT '==> Creating the role gdmmonitor on: ' + @dbName
exec sp_addrole 'gdmmonitor'
-- Grant select privileges to the role for MSSql Common
PRINT '==> Granting common SELECT privileges on: ' + @dbName
GRANT SELECT ON dbo.spt_values TO gdmmonitor
GRANT SELECT ON dbo.sysmembers TO gdmmonitor
GRANT SELECT ON dbo.sysobjects TO gdmmonitor
GRANT SELECT ON dbo.sysprotects TO gdmmonitor
GRANT SELECT ON dbo.sysusers TO gdmmonitor
GRANT SELECT ON dbo.sysconfigures TO gdmmonitor
GRANT SELECT ON dbo.sysdatabases TO gdmmonitor
GRANT SELECT ON dbo.sysfiles TO gdmmonitor
GRANT SELECT ON dbo.syslogins TO gdmmonitor
GRANT SELECT ON dbo.syspermissions TO gdmmonitor
-- Grant execute privileges to the role for MSSql Common
PRINT '==> Granting common EXECUTE privileges on: ' + @dbName
GRANT EXECUTE ON sp_helpdbfixedrole TO gdmmonitor
GRANT EXECUTE ON sp_helprotect TO gdmmonitor
GRANT EXECUTE ON sp_helprolemember TO gdmmonitor
GRANT EXECUTE ON sp_helpsrvrolemember TO gdmmonitor
GRANT EXECUTE ON sp_tables TO gdmmonitor
GRANT EXECUTE ON sp_validatelogins TO gdmmonitor
GRANT EXECUTE ON sp_server_info TO gdmmonitor
-- Check if the version is 2005 or greater
IF (@dbVer != '2000')
BEGIN
-- Grant select privileges to the role for MSSql 2005 and above
PRINT '==> Granting MSSql 2005 and above SELECT privileges on: ' + @dbName
GRANT SELECT ON sys.all_objects TO gdmmonitor
GRANT SELECT ON sys.database_permissions TO gdmmonitor
GRANT SELECT ON sys.database_principals TO gdmmonitor
GRANT SELECT ON sys.sql_logins TO gdmmonitor
GRANT SELECT ON sys.sysfiles TO gdmmonitor
GRANT SELECT ON sys.database_role_members TO gdmmonitor
GRANT SELECT ON sys.server_role_members TO gdmmonitor
GRANT SELECT ON sys.configurations TO gdmmonitor
GRANT SELECT ON sys.master_key_passwords TO gdmmonitor
GRANT SELECT ON sys.server_principals TO gdmmonitor
GRANT SELECT ON sys.server_permissions TO gdmmonitor
GRANT SELECT ON sys.credentials
TO gdmmonitor
--This is called by master.dbo.sp_MSset_oledb_prop.
--By defautl it should have already been granted to public.
GRANT EXECUTE ON sys.xp_instance_regread TO GDMMONITOR
GRANT EXECUTE ON sys.sp_MSset_oledb_prop TO GDMMONITOR
END
-- Re-add the dropped members
IF EXISTS (SELECT 1 FROM #rolemember)
BEGIN
PRINT '==> Re-adding the role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Re-adding member: ''' + @memberName + ''''
exec('EXEC sp_addrolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- END of role creation on database
PRINT '==> END of role creation on: ' + @dbName
PRINT ''
-- Change to the msdb database
USE msdb
set @memberName = ''
SELECT @dbName = DB_NAME()
PRINT '==> Starting MSSql ' + @dbVer + ' role creation on database: ' + @dbName
-- find any members of the role if it exists
TRUNCATE TABLE #rolemember
INSERT INTO #rolemember
SELECT DISTINCT usr.name FROM .dbo.sysusers usr, .dbo.sysmembers mbr
WHERE usr.uid = mbr.memberuid
AND groupuid = (SELECT uid FROM .dbo.sysusers WHERE name = 'gdmmonitor')
-- Drop the Role Members If they exist
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Dropping the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Dropping member: ''' + @memberName + ''''
exec('EXEC sp_droprolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the role if it exists
IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = 'gdmmonitor')
BEGIN
PRINT '==> Dropping the gdmmonitor role on: ' + @dbName
exec sp_droprole 'gdmmonitor'
END
-- Create the role
PRINT '==> Creating the gdmmonitor role on: ' + @dbName
exec sp_addrole 'gdmmonitor'
-- Grant select privileges to the role for MSSql Common
PRINT '==> Granting common SELECT privileges on: ' + @dbName
GRANT SELECT ON dbo.sysobjects TO gdmmonitor
GRANT SELECT ON dbo.sysusers TO gdmmonitor
GRANT SELECT ON dbo.sysprotects TO gdmmonitor
GRANT SELECT ON dbo.sysmembers TO gdmmonitor
GRANT SELECT ON dbo.sysfiles TO gdmmonitor
GRANT SELECT ON dbo.syspermissions TO gdmmonitor
GRANT SELECT ON dbo.backupset TO gdmmonitor
-- Check if the version is 2005 or greater
IF (@dbVer != '2000')
BEGIN
-- Grant select privileges to the role for MSSql 2005 and above
PRINT '==> Granting MSSql 2005 and above SELECT privileges on: ' + @dbName
GRANT SELECT ON sys.all_objects TO gdmmonitor
GRANT SELECT ON sys.database_permissions TO gdmmonitor
GRANT SELECT ON sys.database_principals TO gdmmonitor
GRANT SELECT ON sys.sysfiles TO gdmmonitor
-- Grant execute privileges to the role for MSSql 2005 or above
PRINT '==> Granting MSSql 2005 and above EXECUTE privileges on: ' + @dbName
GRANT EXECUTE ON msdb.dbo.sp_enum_login_for_proxy TO gdmmonitor
GRANT SELECT ON sys.database_role_members TO gdmmonitor
END
IF (@dbVer > '2000' and @dbVer < '2012')
--This sp is not available in SQL 2012
BEGIN
GRANT EXECUTE ON sp_get_dtspackage TO gdmmonitor
END
-- Re-add the dropped members
IF EXISTS (SELECT count(*) FROM #rolemember)
BEGIN
PRINT '==> Re-adding the gdmmonitor role members on: ' + @dbName
DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember
OPEN DropCursor
FETCH DropCursor INTO @memberName
WHILE @@Fetch_Status = 0
BEGIN
PRINT '==> Re-adding member: ''' + @memberName + ''''
exec('EXEC sp_addrolemember ''gdmmonitor'', ''' + @memberName + ''' ;')
FETCH DropCursor INTO @memberName
END
CLOSE DropCursor
DEALLOCATE DropCursor
END
-- drop the temporary table
DROP TABLE #rolemember
-- END of role creation on database
PRINT '==> END of gdmmonitor role creation on: ' + @dbName
-- Role creation complete
PRINT '<<<==================================================================<<<'
PRINT '<<< END of creating role: "gdmmonitor" at the server level.'
PRINT '<<<==================================================================<<<'
PRINT ''
PRINT '>>>==================================================================>>>'
PRINT '>>> Starting application database role creation'
PRINT '>>>==================================================================>>>'
use master
DECLARE @databaseName AS varchar(80)
DECLARE @executeString AS varchar(7950)
DECLARE @dbcounter as int
set @dbcounter = 0
DECLARE DatabaseCursor CURSOR FOR SELECT name from sysdatabases where name not in ('master', 'msdb')
and not (status & 1024 > 1)
--read only
and not (status & 4096 > 1)
--single user
and not (status & 512 > 1)
--offline
and not (status & 32 > 1)
--loading
and not (status & 64 > 1)
--pre recovery
and not (status & 128 > 1)
--recovering
and not (status & 256 > 1)
--not recovered
and not (status & 32768 > 1)
--emergency mode
OPEN DatabaseCursor
FETCH DatabaseCursor INTO @databaseName
WHILE @@Fetch_Status = 0
BEGIN
set @dbcounter = @dbcounter + 1
set @databaseName = '"' + @databaseName + '"'
set @executeString = ''
set @executeString = 'use ' + @databaseName + ' ' +
'PRINT ''>>>==================================================================>>>'' ' +
'PRINT ''>>> Starting MSSql ' + @dbVer + ' role creation on database: ' + @databaseName + ''' ' +
'PRINT ''>>>==================================================================>>>'' ' +
'/* Variable @memberNameDBname must be declare within the string or else it will fail */ ' +
'DECLARE @memberName' + cast(@dbcounter as varchar(5)) + ' as varchar(50) ' +
'/*find any members of the role if it exists*/ ' +
'CREATE TABLE #rolemember (membername VARCHAR(256) NOT NULL) ' +
'INSERT INTO #rolemember ' +
'SELECT DISTINCT usr.name FROM dbo.sysusers usr, dbo.sysmembers mbr ' +
'WHERE usr.uid = mbr.memberuid ' +
'AND groupuid = (SELECT uid FROM dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'/*Drop the Role Members If they exist*/ ' +
'IF EXISTS (SELECT * FROM #rolemember) ' +
'BEGIN ' +
'PRINT ''==> Dropping the role members on: ' + @databaseName + ''' ' +
'DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember ' +
'OPEN DropCursor ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'WHILE @@Fetch_Status = 0 ' +
'BEGIN ' +
'PRINT ''==> Dropping member: '' + @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'exec(''EXEC sp_droprolemember ''''gdmmonitor'''', '''''' + @memberName' + cast(@dbcounter as varchar(5)) + ' + '''''';'') ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'END ' +
'CLOSE DropCursor ' +
'DEALLOCATE DropCursor ' +
'END ' +
'/*drop the role if it exists*/ ' +
'IF EXISTS (SELECT 1 FROM .dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'BEGIN ' +
'PRINT ''==> Dropping the gdmmonitor role on: ' + @databaseName + ''' ' +
'exec sp_droprole ''gdmmonitor'' ' +
'END ' +
'/* Create the role */ ' +
'PRINT ''==> Creating the gdmmonitor role on: ' + @databaseName + ''' ' +
'exec sp_addrole ''gdmmonitor'' ' +
'/* Grant select privileges to the role for MSSql Common */ ' +
'PRINT ''==> Granting common SELECT privileges on: ' + @databaseName + ''' ' +
'GRANT SELECT ON dbo.sysmembers TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysobjects TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysprotects TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysusers TO gdmmonitor ' +
'GRANT SELECT ON dbo.sysfiles TO gdmmonitor ' +
'GRANT SELECT ON dbo.syspermissions TO gdmmonitor ' +
'/* Check if the version is 2005 or greater */ ' +
'IF (' + @dbVer + ' != ''2000'') ' +
'BEGIN ' +
'/* Grant select privileges to the role for MSSql 2005 and above */ ' +
'PRINT ''==> Granting MSSql 2005 and above SELECT privileges on: ' + @databaseName + ''' ' +
'GRANT SELECT ON sys.database_permissions TO gdmmonitor ' +
'GRANT SELECT ON sys.all_objects TO gdmmonitor ' +
'GRANT SELECT ON sys.database_principals TO gdmmonitor ' +
'GRANT SELECT ON sys.sysfiles TO gdmmonitor ' +
'GRANT SELECT ON sys.database_role_members TO gdmmonitor ' +
'END ' +
'/* Re-add the dropped members */ ' +
'IF EXISTS (SELECT 1 FROM #rolemember) ' +
'BEGIN ' +
'PRINT ''==> Re-adding the gdmmonitor role members on: ' + @databaseName + ''' ' +
'DECLARE DropCursor CURSOR FOR SELECT membername from #rolemember ' +
'OPEN DropCursor ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'WHILE @@Fetch_Status = 0 ' +
'BEGIN ' +
'PRINT ''==> Re-adding member: '' + @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'exec(''EXEC sp_addrolemember ''''gdmmonitor'''', '''''' + @memberName' + cast(@dbcounter as varchar(5)) + ' + '''''';'') ' +
'FETCH DropCursor INTO @memberName' + cast(@dbcounter as varchar(5)) + ' ' +
'END ' +
'CLOSE DropCursor ' +
'DEALLOCATE DropCursor ' +
'END ' +
'/* drop the temporary table */ ' +
'DROP TABLE #rolemember ' +
'PRINT ''<<<==================================================================<<<'' ' +
'PRINT ''<<< END of role creation on: ' + @databaseName + ''' ' +
'PRINT ''<<<==================================================================<<<'' ' +
'PRINT '' ''' +
'PRINT '' '''
execute (@executeString)
FETCH DatabaseCursor INTO @databaseName
END
CLOSE DatabaseCursor
DEALLOCATE DatabaseCursor
-- Adding user to all the databases
-- and grant gdmmonitor role, only if login exists.
PRINT '>>>==================================================================>>>'
PRINT '>>> Add and Grant gdmmonitor role to: ''' + @Guardium_user + ''''
PRINT '>>> on all databases.'
PRINT '>>>==================================================================>>>'
USE master
/* Check if @Guardium_user is a login exist, if not do nothing.*/
IF NOT EXISTS (select * from syslogins where name = @Guardium_user)
BEGIN
PRINT ''
PRINT '************************************************************************'
PRINT '*** ERROR: Could not find the login: ''' + @Guardium_user + ''''
PRINT '*** Please add the login and re-run this script.'
PRINT '************************************************************************'
PRINT ''
END
ELSE
BEGIN
DECLARE @counter AS smallint
set @counter = 0
-- This loop runs 4 time just to make sure that the @Guardium_user gets added to all db.
-- 99% of the time, this is totally unnecessary. But in some rare case on SQL 2005
-- the loop skips some databases when it tried to add the @Guardium_user.
-- After two to three executions, the user is added in all the dbs.
-- Might be a SQL Server bug.
WHILE @counter <= 3
BEGIN
set @counter = @counter + 1
set @databaseName = ''
set @executeString = ''
DECLARE DatabaseCursor CURSOR FOR SELECT name from sysdatabases
where not (status & 1024 > 1)
--read only
and not (status & 4096 > 1)
--single user
and not (status & 512 > 1)
--offline
and not (status & 32 > 1)
--loading
and not (status & 64 > 1)
--pre recovery
and not (status & 128 > 1)
--recovering
and not (status & 256 > 1)
--not recovered
and not (status & 32768 > 1)
--emergency mode
OPEN DatabaseCursor
FETCH DatabaseCursor INTO @databaseName
WHILE @@Fetch_Status = 0
BEGIN
set @databaseName = '"' + @databaseName + '"'
set @executeString = ''
set @executeString = 'use ' + @databaseName + ' ' +
'/*Check if the login already has access to this database */ ' +
'IF EXISTS (select * from sysusers where name = ''' + @Guardium_user + ''' and islogin = 1) ' +
'BEGIN ' +
'/*Check if login already have gdmmonitor role*/ ' +
'IF NOT EXISTS (SELECT usr.name FROM dbo.sysusers usr, dbo.sysmembers mbr WHERE usr.uid = mbr.memberuid ' +
'AND mbr.groupuid = (SELECT uid FROM dbo.sysusers WHERE name = ''gdmmonitor'') ' +
'AND usr.name = ''' + @Guardium_user + ''') ' +
'BEGIN ' +
'PRINT ''==> Granting gdmmonitor role to ' + @Guardium_user + ' on database ' + @databaseName + ''' ' +
'execute sp_addrolemember ''gdmmonitor''' + ', [' + @Guardium_user + '] ' +
'PRINT '' ''' +
'END ' +
'END ' +
'IF NOT EXISTS (select * from sysusers where name = ''' + @Guardium_user + ''' and islogin = 1) ' +
'BEGIN ' +
'PRINT ''==> Adding user [' + @Guardium_user + '] to database: ' + @databaseName + ''' ' +
'execute sp_adduser [' + @Guardium_user + '] ' +
'PRINT ''==> Granting gdmmonitor role to ' + @Guardium_user + ' on database ' + @databaseName + ''' ' +
'execute sp_addrolemember ''gdmmonitor''' + ', [' + @Guardium_user + '] ' +
'PRINT '' ''' +
'END '
execute (@executeString)
FETCH DatabaseCursor INTO @databaseName
END
CLOSE DatabaseCursor
DEALLOCATE DatabaseCursor
END -- end while
-- Required for Version 2005 or greater.
IF (@dbVer != '2000')
BEGIN
-- Grant system privileges to the @guardium_user. This is a requirement for >= SQL 2005
-- or else some system catalogs will filter our result from assessment test.
-- This will show up in sys.server_permissions view.
PRINT '==> Granting catalog privileges to: ''' + @Guardium_user + ''''
execute ('grant VIEW ANY DATABASE to [' + @Guardium_user + ']' )
execute ('grant VIEW ANY DEFINITION to [' + @Guardium_user + ']' )
END
PRINT '<<<==================================================================<<<'
PRINT '<<< Finished Adding and Granting gdmmonitor role to: ''' + @Guardium_user + ''''
PRINT '<<< on all databases.'
PRINT '<<<==================================================================<<<'
PRINT ''
END
GOThanks a lot Sir... it worked.
Can you also help me in troubleshooting below issue?
This script is working fine on all databases except one MS SQL 2005 database. build of this database is 9.00.3042.00
SA account with highest privileges is been used for script execution. errors received are as follow:
>>>==================================================================>>>
>>> Creating role: "gdmmonitor" at the server level.
>>>==================================================================>>>
==> Granting MSSSQL 2005 and above setupadmin server role
==> Starting MSSql 2005 role creation on database: master
(0 row(s) affected)
==> Dropping the gdmmonitor role members on: master
==> Creating the role gdmmonitor on: master
Msg 15002, Level 16, State 1, Procedure sp_addrole, Line 16
The procedure 'sys.sp_addrole' cannot be executed within a transaction.
==> Granting common SELECT privileges on: master
Msg 15151, Level 16, State 1, Line 117
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 118
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 119
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 120
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 121
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 122
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 123
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 124
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 125
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 126
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
==> Granting common EXECUTE privileges on: master
Msg 15151, Level 16, State 1, Line 130
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 131
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 132
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 133
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 134
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 135
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission.
Msg 15151, Level 16, State 1, Line 136
Cannot find the user 'gdmmonitor', because it does not exist or you do not have permission. -
Script to create user in OBIEE 10g
In OBIEE 10g, is it possible to use a script to create users automatically.
I need this option to import user from the LDAP because if the LDAP are not created in OBI adminsitration tool, they can´t enter in analyticas (BI Server error)I suggest you to read
Oracle9i Database Performance Tuning Guide and Reference
Release 2 (9.2)
Part Number A96533-02
Chapter 7. Using Plan Stability
~ Madrid -
Script to create user OUTLN in 9i
Hi,
Note 240478.1 "Script to create user OUTLN in 9i"
This script create OUTLN user.
And then should we :
" issue grants, create tables and indexes."
The qustion is :
should we issue grants, create tables and indexes after executing the script ? Then
create which tables , which indexes ? Does the script it-self do not this
Many thanks before.I suggest you to read
Oracle9i Database Performance Tuning Guide and Reference
Release 2 (9.2)
Part Number A96533-02
Chapter 7. Using Plan Stability
~ Madrid -
Setup timeout and disconnect user
Hi There,
Some of users have excel addin or smartview connect to Essbase cube but forget to disconnect. I am wondering if there is property I can setup to logout/disconnect user from Excel addin or smartview after 20 minutes?
ThanksIn the Essbase server properties, you can set an Idle disconnect time. In EAS select the server name right click and select Edit -> Properties on the security tab is the inactive time out settings. If either value is set to 0 it means never time out. Smartview also has its own timeout value that you can set independently.
Maybe you are looking for
-
Best Size For Back Up Disk?
What is peoples experience with the best or minimum external HD size to use with hourly back ups via Time Machine? I would imagine that at least double the GB of the drive that is being backed up would be necessary, but should it be even greater? Or
-
Difference between Web Service URL and Report Manager URL
What is the difference between Web Service URL and Report Manager URL in Reporting Service configuration manager in SQl Server 2008 Reporting Setrvices
-
Estimate time usage for doing an P2V in VMM 2008 R2
Hi Is it possible to get a estimated time usage for doing a P2V in VMM 2008 R2? Maybe a preliminary scan or something? Lasse /Lasse
-
I've tried several times to use iTunes Match that I purchased but keep getting an error message half way through the process
-
T530 manufacturing flaw causes thinklight to turn on when pressing on controls
I've noticed an interesting issue with my custom built T530. I first noticed it when I pressed and held the volume up button. When pressed hard enough, the Thinklight turns on. Upon further investigation, I found that I didn't have to press the butto