Import-Module SqlServer #Clear-AzContext #Connect-AzAccount Write-Host "======================================================================================================================================================================" Write-Host "Creating SQL user list." Write-Host "======================================================================================================================================================================" [string] $date = Get-Date -Format "yyyy-MM-dd HHmm" $filename = ".\$date SQL User check.csv" class UserItem { [string] $ServerName = "" [string] $DatabaseName = "" [string] $UserName = "" [string] $CreateDate = "" [string] $ModifyDate = "" [string] $Type = "" [string] $AuthenticationType = "" } $serverList= @('c0m7f8nybr.database.windows.net','calculations.database.windows.net','effectory.database.windows.net','effectorycore.database.windows.net', 'logit-backup.database.windows.net', 'mhpfktialk.database.windows.net', 'participants.database.windows.net', 'signin-effectory.database.windows.net', 'sqlserver01prod.6a1f4aa9f43a.database.windows.net') $databaseListQuery = @' SELECT name, database_id, create_date FROM sys.databases order by name; '@ $userListQuery = @' select @@SERVERNAME as serverName, DB_NAME() as databaseName, name as username, create_date, modify_date, type_desc as type, authentication_type_desc as authentication_type from sys.database_principals where type not in ('R') and sid is not null and name != 'guest' order by name; '@ foreach ($server in $serverlist) { Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------" Write-Host "Server [$server)]" Write-Host "----------------------------------------------------------------------------------------------------------------------------------------------------------------------" $access_token_secure = (Get-AzAccessToken -ResourceUrl https://database.windows.net).Token $access_token = [System.Runtime.InteropServices.Marshal]::PtrToStringAuto([System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($access_token_secure)) $connectionString = "Data Source=$server;Initial Catalog=master;Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering"; $databases = Invoke-Sqlcmd -Query $databaseListQuery -ConnectionString $connectionString -AccessToken $access_token foreach ($database in $databases) { Write-Host "Database [$($database.name)]" [UserItem[]]$Result = @() $databaseName = $database.name $databaseConnectionString = "Data Source=$server;Initial Catalog=$databaseName;Persist Security Info=False;Encrypt=True;TrustServerCertificate=False;Application Name=CloudEngineering"; $users = Invoke-Sqlcmd -Query $userListQuery -ConnectionString $databaseConnectionString -AccessToken $access_token foreach ($user in $users) { [UserItem] $userItem = [UserItem]::new() $userItem.ServerName = $server $userItem.DatabaseName = $database.name $userItem.UserName = $user.username $userItem.CreateDate = $user.create_date $userItem.ModifyDate = $user.modify_date $userItem.Type = $user.type $userItem.AuthenticationType = $user.authentication_type $Result += $userItem } $Result | Export-Csv -Path $fileName -Append -NoTypeInformation } } Write-Host "======================================================================================================================================================================" Write-Host "Done."