Impersonate while scripting or running external commands?

hi,

I'm evaluating Multiscript and found it quite nice. But we are performing some tasks that would require me to try to log in as another user and report back the result and optionally make some queries.

Another sugestion, how about a feature to populate the serverlist with a SQL-query? I'm not a big fan of using the serverlist. In that case it would be easy to populate the serverlist with specific servers.

fredr1k April 03, 2008 05:24

Comments

2 comments

Hi,

There are a couple of ways to impersonate users using Transact-SQL

SQL 2000:
```
SETUSER &#91; 'username' &#91; WITH NORESET &#93; &#93;
```
http://msdn2.microsoft.com/en-us/library/ms186297.aspx

SQL 2005:
```
&#123; EXEC | EXECUTE &#93; AS &lt;context_specification&gt;
&#91;;&#93;

&lt;context_specification&gt;::=
&#123; LOGIN | USER &#125; = 'name'
    &#91; WITH &#123; NO REVERT | COOKIE INTO @varbinary_variable &#125; &#93; 
| CALLER
```
http://msdn2.microsoft.com/en-us/library/ms181362.aspx

Thanks for the feedback on the serverlist, this is already something we are considering for a future release of SQL Multi Script.

--
Daniel
dlkj April 03, 2008 08:20

0
Daniel,

Thanks for the input. I was totaly unaware of this command However it doesnt suite my needs. As a part of a security check i need to connect to the databases to check wether they have some obvious passwords on uses like SA etc. This forces me to make full sql-logon's to the system.

I'm pleased to hear about the population feature of the serverlist. In an enviroment similar to the one I'm sitting on right now it's not unusual with a sql-serverlist of 200+ machines.

fredr1k April 04, 2008 03:38

0

Add comment

Please sign in to leave a comment.

How can we help you today?

Impersonate while scripting or running external commands?

Comments

Add comment