Cloud Migration Made Easy

Considering a move to the cloud? Axial SQL brings you proven migration strategies to streamline your transition. Our expert team ensures a smooth, efficient shift, keeping your data safe and accessible. Start your journey to the cloud with confidence!

SQL Performance Optimization

Is your SQL running slower than expected? Don't let sluggish performance hinder your business. Our optimization experts at Axial SQL specialize in tuning your databases for peak performance. Speed up your SQL and supercharge your data processing today!

Database Stability Solutions

Tired of frequent database outages? Discover stability with Axial SQL! Our comprehensive analysis identifies and resolves your database vulnerabilities. Enhance reliability, reduce downtime, and keep your operations running smoothly with our expert guidance.

Expert Database Team Evaluation

Questioning your database team's efficiency? Let Axial SQL provide an expert, unbiased analysis. We assess your team's strategies and workflows, offering insights and improvements to boost productivity. Elevate your database management to new heights!

Data Security Assurance

Concerned about your database security? Axial SQL is here to fortify your data defenses. Our specialized security assessments identify potential risks and implement robust protections. Keep your sensitive data secure and your peace of mind intact with our expert services.

Published on

November 22, 2017

Syncing Logins in SQL Server

One of the challenges in managing SQL Server replicas is synchronizing logins between them. When setting up a secondary server, it is important to ensure that the logins on the primary server are also created on the secondary server. This ensures that users can access the databases on both servers seamlessly.

In response to a reader’s query, I have come up with a script that can be used to create multiple logins with their respective Security Identifiers (SIDs) and passwords. The script is as follows:

SELECT 'CREATE LOGIN [' + sp.name + '] ' + 
    CASE 
        WHEN sp.type IN ('U', 'G') THEN 'FROM WINDOWS '
        ELSE ''
    END + 'WITH ' + 
    CASE 
        WHEN sp.type = 'S' THEN 'PASSWORD = ' + master.sys.fn_varbintohexstr(sl.password_hash) + ' HASHED, ' + 
            'SID = ' + master.sys.fn_varbintohexstr(sl.sid) + ', ' + 
            'CHECK_EXPIRATION = ' + 
            CASE 
                WHEN sl.is_expiration_checked > 0 THEN 'ON, '
                ELSE 'OFF, '
            END + 
            'CHECK_POLICY = ' + 
            CASE 
                WHEN sl.is_policy_checked > 0 THEN 'ON, '
                ELSE 'OFF, '
            END + 
            CASE 
                WHEN sl.credential_id > 0 THEN 'CREDENTIAL = ' + c.name + ', '
                ELSE ''
            END
        ELSE ''
    END + 
    'DEFAULT_DATABASE = ' + sp.default_database_name + 
    CASE 
        WHEN LEN(sp.default_language_name) > 0 THEN ', DEFAULT_LANGUAGE = ' + sp.default_language_name
        ELSE ''
    END
FROM sys.server_principals sp
LEFT JOIN sys.sql_logins sl ON sp.principal_id = sl.principal_id
LEFT JOIN sys.credentials c ON sl.credential_id = c.credential_id
WHERE sp.type IN ('S', 'U', 'G')
    AND sp.name <> 'sa'
    AND sp.name NOT LIKE 'NT Authority%'
    AND sp.name NOT LIKE 'NT Service%'

To use the script, you need to run it on the primary replica. After executing the script, you will get a result that contains the commands to create the logins. Simply copy the output and paste it into a query window on the secondary server. If you are using Windows logins, you need to create them on every instance. In the case of Windows logins, the SID is managed by Active Directory, so as long as the login exists on the primary replica, you will be able to access it on all replicas that are members of the availability group.

It is important to note that user information is part of the database and will be automatically synchronized through data synchronization.

I hope you find this script useful for synchronizing logins between SQL Server replicas. If you have any questions or suggestions, please feel free to reach out to me.

Click to rate this post!

[Total: 0 Average: 0]

Let's work together

Send us a message or book free introductory meeting with us using button below.

Comprehensive 360 Degree Assessment

Data Replication

Performance Optimization

Data Security

Database Migration

Expert Consultation