mirror of
https://dev.azure.com/effectory/Survey%20Software/_git/Cloud%20Engineering
synced 2026-02-27 18:52:18 +01:00
Added SQL user list script #100863
This commit is contained in:
Jurjen Ladenius
@@ -41,6 +41,8 @@ class ResourceCheck {
|
|||||||
[string] $ResourceGroup = ""
|
[string] $ResourceGroup = ""
|
||||||
[string] $ResourceType = ""
|
[string] $ResourceType = ""
|
||||||
[string] $State = ""
|
[string] $State = ""
|
||||||
|
[string] $ManagementGroupId = ""
|
||||||
|
[string] $ManagementGroupName = ""
|
||||||
[string] $SubscriptionId = ""
|
[string] $SubscriptionId = ""
|
||||||
[string] $SubscriptionName = ""
|
[string] $SubscriptionName = ""
|
||||||
[string] $Tag_Team = ""
|
[string] $Tag_Team = ""
|
||||||
@@ -64,98 +66,110 @@ Write-Host "====================================================================
|
|||||||
Write-Host "Creating webapp resource overview."
|
Write-Host "Creating webapp resource overview."
|
||||||
Write-Host "======================================================================================================================================================================"
|
Write-Host "======================================================================================================================================================================"
|
||||||
|
|
||||||
$subscriptions = Get-AzSubscription | Where-Object State -eq "Enabled"
|
|
||||||
|
|
||||||
|
|
||||||
[string] $date = Get-Date -Format "yyyy-MM-dd HHmm"
|
[string] $date = Get-Date -Format "yyyy-MM-dd HHmm"
|
||||||
$fileName = ".\$date azure_webapps.csv"
|
$fileName = ".\$date azure_webapps.csv"
|
||||||
|
|
||||||
# rm $fileName
|
|
||||||
|
|
||||||
foreach ($subscription in $subscriptions)
|
$managementGroups = Get-AzManagementGroup
|
||||||
|
|
||||||
|
foreach ($managementGroup in $managementGroups)
|
||||||
{
|
{
|
||||||
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
||||||
|
Write-Host "Management group [$($managementGroup.Name)]"
|
||||||
|
|
||||||
Set-AzContext -SubscriptionId $subscription.Id
|
$subscriptions = Get-AzManagementGroupSubscription -Group $managementGroup.Name | Where-Object State -eq "Active"
|
||||||
|
|
||||||
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
foreach ($subscription in $subscriptions)
|
||||||
|
{
|
||||||
|
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
||||||
|
$scope = $subscription.Id.Substring($subscription.Parent.Length, $subscription.Id.Length - $subscription.Parent.Length)
|
||||||
|
$subscriptionId = $scope.Replace("/subscriptions/", "")
|
||||||
|
Write-Host "Subscription [$($subscription.DisplayName) - $subscriptionId]"
|
||||||
|
Set-AzContext -SubscriptionId $subscriptionId | Out-Null
|
||||||
|
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
||||||
|
|
||||||
$allResourceGroups = Get-AzResourceGroup
|
$allResourceGroups = Get-AzResourceGroup
|
||||||
[ResourceCheck[]]$Result = @()
|
[ResourceCheck[]]$Result = @()
|
||||||
|
|
||||||
foreach ($group in $allResourceGroups) {
|
foreach ($group in $allResourceGroups) {
|
||||||
|
|
||||||
Write-Host $group.ResourceGroupName
|
Write-Host $group.ResourceGroupName
|
||||||
|
|
||||||
$allWebApps = Get-AzWebApp -ResourceGroupName $group.ResourceGroupName
|
$allWebApps = Get-AzWebApp -ResourceGroupName $group.ResourceGroupName
|
||||||
|
|
||||||
foreach ($webApp in $allWebApps) {
|
foreach ($webApp in $allWebApps) {
|
||||||
|
|
||||||
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
|
|
||||||
$resourceCheck.ResourceId = $webApp.Id
|
|
||||||
$resourceCheck.Kind = $webApp.Kind
|
|
||||||
$resourceCheck.Location = $webApp.Location
|
|
||||||
$resourceCheck.State = $webApp.State
|
|
||||||
$resourceCheck.ResourceName = $webApp.Name
|
|
||||||
$resourceCheck.ResourceGroup = $webApp.ResourceGroup
|
|
||||||
$resourceCheck.ResourceType = $webApp.Type
|
|
||||||
$resourceCheck.SubscriptionId = $subscription.Id
|
|
||||||
$resourceCheck.SubscriptionName = $subscription.Name
|
|
||||||
$resourceCheck.Tag_Team = $webApp.Tags.team
|
|
||||||
$resourceCheck.Tag_Product = $webApp.Tags.product
|
|
||||||
$resourceCheck.Tag_Environment = $webApp.Tags.environment
|
|
||||||
$resourceCheck.Tag_Data = $webApp.Tags.data
|
|
||||||
$resourceCheck.Tag_CreatedOnDate = $webApp.Tags.CreatedOnDate
|
|
||||||
$resourceCheck.Tag_Deployment = $webApp.Tags.drp_deployment
|
|
||||||
$resourceCheck.Prop_HttpsOnly = $webApp.HttpsOnly
|
|
||||||
$resourceCheck.Prop_PhpVersion = $webApp.SiteConfig.PhpVersion
|
|
||||||
$resourceCheck.Prop_RemoteDebuggingEnabled = $webApp.SiteConfig.RemoteDebuggingEnabled
|
|
||||||
$resourceCheck.Prop_MinTlsVersion = $webApp.SiteConfig.MinTlsVersion
|
|
||||||
$resourceCheck.Prop_FtpsState = $webApp.SiteConfig.FtpsState
|
|
||||||
$resourceCheck.Prop_Http20Enabled = $webApp.SiteConfig.Http20Enabled
|
|
||||||
$resourceCheck.Prop_Identity = $webApp.Identity.Type
|
|
||||||
$resourceCheck.LastDeployDate = GetDeployment -siteName $webApp.Name -resourceGroupName $group.ResourceGroupName -subscriptionId $subscription.Id
|
|
||||||
|
|
||||||
$Result += $resourceCheck
|
|
||||||
|
|
||||||
$allSlots = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup
|
|
||||||
|
|
||||||
foreach ($slotTemp in $allSlots) {
|
|
||||||
|
|
||||||
[string] $slotName = $slotTemp.Name.Split("/")[1]
|
|
||||||
$slot = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup -Slot $slotName
|
|
||||||
|
|
||||||
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
|
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
|
||||||
$resourceCheck.ResourceId = $slot.Id
|
$resourceCheck.ResourceId = $webApp.Id
|
||||||
$resourceCheck.Kind = $slot.Kind
|
$resourceCheck.Kind = $webApp.Kind
|
||||||
$resourceCheck.Location = $slot.Location
|
$resourceCheck.Location = $webApp.Location
|
||||||
$resourceCheck.State = $slot.State
|
$resourceCheck.State = $webApp.State
|
||||||
$resourceCheck.ResourceName = $slot.Name
|
$resourceCheck.ResourceName = $webApp.Name
|
||||||
$resourceCheck.ResourceGroup = $slot.ResourceGroup
|
$resourceCheck.ResourceGroup = $webApp.ResourceGroup
|
||||||
$resourceCheck.ResourceType = $slot.Type
|
$resourceCheck.ResourceType = $webApp.Type
|
||||||
|
$resourceCheck.ManagementGroupId = $managementGroup.Id
|
||||||
|
$resourceCheck.ManagementGroupName = $managementGroup.DisplayName
|
||||||
$resourceCheck.SubscriptionId = $subscription.Id
|
$resourceCheck.SubscriptionId = $subscription.Id
|
||||||
$resourceCheck.SubscriptionName = $subscription.Name
|
$resourceCheck.SubscriptionName = $subscription.DisplayName
|
||||||
$resourceCheck.Tag_Team = $slot.Tags.team
|
$resourceCheck.Tag_Team = $webApp.Tags.team
|
||||||
$resourceCheck.Tag_Product = $slot.Tags.product
|
$resourceCheck.Tag_Product = $webApp.Tags.product
|
||||||
$resourceCheck.Tag_Environment = $slot.Tags.environment
|
$resourceCheck.Tag_Environment = $webApp.Tags.environment
|
||||||
$resourceCheck.Tag_Data = $slot.Tags.data
|
$resourceCheck.Tag_Data = $webApp.Tags.data
|
||||||
$resourceCheck.Tag_CreatedOnDate = $slot.Tags.CreatedOnDate
|
$resourceCheck.Tag_CreatedOnDate = $webApp.Tags.CreatedOnDate
|
||||||
$resourceCheck.Tag_Deployment = $slot.Tags.drp_deployment
|
$resourceCheck.Tag_Deployment = $webApp.Tags.drp_deployment
|
||||||
$resourceCheck.Prop_HttpsOnly = $slot.HttpsOnly
|
$resourceCheck.Prop_HttpsOnly = $webApp.HttpsOnly
|
||||||
$resourceCheck.Prop_PhpVersion = $slot.SiteConfig.PhpVersion
|
$resourceCheck.Prop_PhpVersion = $webApp.SiteConfig.PhpVersion
|
||||||
$resourceCheck.Prop_RemoteDebuggingEnabled = $slot.SiteConfig.RemoteDebuggingEnabled
|
$resourceCheck.Prop_RemoteDebuggingEnabled = $webApp.SiteConfig.RemoteDebuggingEnabled
|
||||||
$resourceCheck.Prop_MinTlsVersion = $slot.SiteConfig.MinTlsVersion
|
$resourceCheck.Prop_MinTlsVersion = $webApp.SiteConfig.MinTlsVersion
|
||||||
$resourceCheck.Prop_FtpsState = $slot.SiteConfig.FtpsState
|
$resourceCheck.Prop_FtpsState = $webApp.SiteConfig.FtpsState
|
||||||
$resourceCheck.Prop_Http20Enabled = $slot.SiteConfig.Http20Enabled
|
$resourceCheck.Prop_Http20Enabled = $webApp.SiteConfig.Http20Enabled
|
||||||
$resourceCheck.Prop_Identity = $slot.Identity.Type
|
$resourceCheck.Prop_Identity = $webApp.Identity.Type
|
||||||
|
$resourceCheck.LastDeployDate = GetDeployment -siteName $webApp.Name -resourceGroupName $group.ResourceGroupName -subscriptionId $subscription.Id
|
||||||
$resourceCheck.LastDeployDate = GetDeployment -siteName $webApp.Name -resourceGroupName $group.ResourceGroupName -subscriptionId $subscription.Id -slotName $slotName
|
|
||||||
|
|
||||||
$Result += $resourceCheck
|
$Result += $resourceCheck
|
||||||
|
|
||||||
|
$allSlots = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup
|
||||||
|
|
||||||
|
foreach ($slotTemp in $allSlots) {
|
||||||
|
|
||||||
|
[string] $slotName = $slotTemp.Name.Split("/")[1]
|
||||||
|
$slot = Get-AzWebAppSlot -Name $webApp.Name -ResourceGroupName $webApp.ResourceGroup -Slot $slotName
|
||||||
|
|
||||||
|
[ResourceCheck] $resourceCheck = [ResourceCheck]::new()
|
||||||
|
$resourceCheck.ResourceId = $slot.Id
|
||||||
|
$resourceCheck.Kind = $slot.Kind
|
||||||
|
$resourceCheck.Location = $slot.Location
|
||||||
|
$resourceCheck.State = $slot.State
|
||||||
|
$resourceCheck.ResourceName = $slot.Name
|
||||||
|
$resourceCheck.ResourceGroup = $slot.ResourceGroup
|
||||||
|
$resourceCheck.ResourceType = $slot.Type
|
||||||
|
$resourceCheck.ManagementGroupId = $managementGroup.Id
|
||||||
|
$resourceCheck.ManagementGroupName = $managementGroup.DisplayName
|
||||||
|
$resourceCheck.SubscriptionId = $subscription.Id
|
||||||
|
$resourceCheck.SubscriptionName = $subscription.DisplayName
|
||||||
|
$resourceCheck.Tag_Team = $slot.Tags.team
|
||||||
|
$resourceCheck.Tag_Product = $slot.Tags.product
|
||||||
|
$resourceCheck.Tag_Environment = $slot.Tags.environment
|
||||||
|
$resourceCheck.Tag_Data = $slot.Tags.data
|
||||||
|
$resourceCheck.Tag_CreatedOnDate = $slot.Tags.CreatedOnDate
|
||||||
|
$resourceCheck.Tag_Deployment = $slot.Tags.drp_deployment
|
||||||
|
$resourceCheck.Prop_HttpsOnly = $slot.HttpsOnly
|
||||||
|
$resourceCheck.Prop_PhpVersion = $slot.SiteConfig.PhpVersion
|
||||||
|
$resourceCheck.Prop_RemoteDebuggingEnabled = $slot.SiteConfig.RemoteDebuggingEnabled
|
||||||
|
$resourceCheck.Prop_MinTlsVersion = $slot.SiteConfig.MinTlsVersion
|
||||||
|
$resourceCheck.Prop_FtpsState = $slot.SiteConfig.FtpsState
|
||||||
|
$resourceCheck.Prop_Http20Enabled = $slot.SiteConfig.Http20Enabled
|
||||||
|
$resourceCheck.Prop_Identity = $slot.Identity.Type
|
||||||
|
|
||||||
|
$resourceCheck.LastDeployDate = GetDeployment -siteName $webApp.Name -resourceGroupName $group.ResourceGroupName -subscriptionId $subscription.Id -slotName $slotName
|
||||||
|
|
||||||
|
$Result += $resourceCheck
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
$Result | Export-Csv -Path $fileName -Append -NoTypeInformation
|
||||||
}
|
}
|
||||||
$Result | Export-Csv -Path $fileName -Append -NoTypeInformation
|
|
||||||
}
|
}
|
||||||
|
|
||||||
Write-Host "======================================================================================================================================================================"
|
Write-Host "======================================================================================================================================================================"
|
||||||
|
|||||||
88
Powershell/Lists/SQL/SQLUserCheck.ps1
Normal file
88
Powershell/Lists/SQL/SQLUserCheck.ps1
Normal file
@@ -0,0 +1,88 @@
|
|||||||
|
Import-Module SqlServer
|
||||||
|
|
||||||
|
#Clear-AzContext
|
||||||
|
#Connect-AzAccount
|
||||||
|
|
||||||
|
Write-Host "======================================================================================================================================================================"
|
||||||
|
Write-Host "Creating SQL user list."
|
||||||
|
Write-Host "======================================================================================================================================================================"
|
||||||
|
|
||||||
|
[string] $date = Get-Date -Format "yyyy-MM-dd HHmm"
|
||||||
|
$filename = ".\$date SQL User check.csv"
|
||||||
|
|
||||||
|
|
||||||
|
class UserItem {
|
||||||
|
[string] $ServerName = ""
|
||||||
|
[string] $DatabaseName = ""
|
||||||
|
[string] $UserName = ""
|
||||||
|
[string] $CreateDate = ""
|
||||||
|
[string] $ModifyDate = ""
|
||||||
|
[string] $Type = ""
|
||||||
|
[string] $AuthenticationType = ""
|
||||||
|
}
|
||||||
|
|
||||||
|
$serverList= @('c0m7f8nybr.database.windows.net','calculations.database.windows.net','effectory.database.windows.net','effectorycore.database.windows.net', 'logit-backup.database.windows.net', 'mhpfktialk.database.windows.net', 'participants.database.windows.net', 'signin-effectory.database.windows.net', 'sqlserver01prod.6a1f4aa9f43a.database.windows.net', 'teamie.database.windows.net')
|
||||||
|
|
||||||
|
# 'sqlserver01test.164709c94fb0.database.windows.net', 'replication.database.windows.net',
|
||||||
|
|
||||||
|
$databaseListQuery = @'
|
||||||
|
SELECT name, database_id, create_date
|
||||||
|
FROM sys.databases
|
||||||
|
order by name;
|
||||||
|
'@
|
||||||
|
|
||||||
|
$userListQuery = @'
|
||||||
|
select @@SERVERNAME as serverName,
|
||||||
|
DB_NAME() as databaseName,
|
||||||
|
name as username,
|
||||||
|
create_date,
|
||||||
|
modify_date,
|
||||||
|
type_desc as type,
|
||||||
|
authentication_type_desc as authentication_type
|
||||||
|
from sys.database_principals
|
||||||
|
where type not in ('A', 'G', 'R', 'X')
|
||||||
|
and sid is not null
|
||||||
|
and name != 'guest'
|
||||||
|
order by name;
|
||||||
|
'@
|
||||||
|
|
||||||
|
foreach ($server in $serverlist) {
|
||||||
|
|
||||||
|
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
||||||
|
Write-Host "Server [$server)]"
|
||||||
|
Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------"
|
||||||
|
|
||||||
|
$access_token = (Get-AzAccessToken -ResourceUrl https://database.windows.net).Token
|
||||||
|
$connectionString = "Data Source=$server;Initial Catalog=master;Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering";
|
||||||
|
|
||||||
|
$databases = Invoke-Sqlcmd -Query $databaseListQuery -ConnectionString $connectionString -AccessToken $access_token
|
||||||
|
|
||||||
|
foreach ($database in $databases) {
|
||||||
|
|
||||||
|
Write-Host "Database [$($database.name)]"
|
||||||
|
|
||||||
|
[UserItem[]]$Result = @()
|
||||||
|
|
||||||
|
$databaseName = $database.name
|
||||||
|
$databaseConnectionString = "Data Source=$server;Initial Catalog=$databaseName;Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering";
|
||||||
|
|
||||||
|
$users = Invoke-Sqlcmd -Query $userListQuery -ConnectionString $databaseConnectionString -AccessToken $access_token
|
||||||
|
|
||||||
|
foreach ($user in $users) {
|
||||||
|
[UserItem] $userItem = [UserItem]::new()
|
||||||
|
$userItem.ServerName = $server
|
||||||
|
$userItem.DatabaseName = $database.name
|
||||||
|
$userItem.UserName = $user.username
|
||||||
|
$userItem.CreateDate = $user.create_date
|
||||||
|
$userItem.ModifyDate = $user.modify_date
|
||||||
|
$userItem.Type = $user.type
|
||||||
|
$userItem.AuthenticationType = $user.authentication_type
|
||||||
|
$Result += $userItem
|
||||||
|
}
|
||||||
|
|
||||||
|
$Result | Export-Csv -Path $fileName -Append -NoTypeInformation
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
Write-Host "======================================================================================================================================================================"
|
||||||
|
Write-Host "Done."
|
||||||
Reference in New Issue
Block a user