Searching for Account Information

You can display information about individual user accounts. The information includes the permission paths for a given user account.

A permission path indicates how a user account is authorized to access SQL Server (for example, by membership in a local group that has been granted user privilege). A given user account might belong to multiple groups that have been granted user or SA privilege. When such a user connects, SQL Server will let the account access via a permission path that gives it the highest privilege access to the server. If you wish to remove a given Windows NT user account from all groups that have access to SQL Server, you can use the option to list all permission paths for the user. Then run the User Manager application to remove the user account from all those groups.

You can also view SQL Server login IDs of users who exist in SQL Server but no longer exist in a Windows NT group that has access permission.

    To search for account information for a user
  1. From the Security menu, choose Search.

    The Search For Account Information dialog box appears.

  2. In the Account box, type the name of a user.
  3. Select the appropriate search:
  4. Choose the Search button.

    The results are displayed, including the full name of the account, the highest level permission the user has in SQL Server, and the permission paths the user is accessing SQL Server through.

  5. Choose the Cancel button.
    To search for SQL Server Login IDs that do not have corresponding Windows NT accounts
  1. From the Security menu, choose Search.

    The Search For Account Information dialog box appears.

  2. Select the Find Orphan SQL Login IDs box.
  3. Choose the Search button.

    The results of the search are displayed.

  4. To drop SQL Server login IDs (other than sa, probe, repl_publisher, or repl_subscriber) that do not match Windows NT users with valid permissions, choose the Drop button.
  5. Choose the Cancel button.