| title | sp_validatelogins (Transact-SQL) | Microsoft Docs | ||
|---|---|---|---|
| ms.custom | |||
| ms.date | 06/10/2016 | ||
| ms.prod | sql | ||
| ms.prod_service | database-engine | ||
| ms.reviewer | |||
| ms.technology | system-objects | ||
| ms.topic | language-reference | ||
| f1_keywords |
|
||
| dev_langs |
|
||
| helpviewer_keywords |
|
||
| ms.assetid | 6ac52e21-e20d-469b-ad40-5aa091e06b61 | ||
| author | VanMSFT | ||
| ms.author | vanto |
[!INCLUDEtsql-appliesto-ss2008-xxxx-xxxx-xxx-md]
Reports information about Windows users and groups that are mapped to [!INCLUDEssNoVersion] principals but no longer exist in the Windows environment.
Transact-SQL Syntax Conventions
sp_validatelogins
0 (success) or 1 (failure)
| Column name | Data type | Description |
|---|---|---|
| SID | varbinary(85) | Windows security identifier (SID) of the Windows user or group. |
| NT Login | sysname | Name of the Windows user or group. |
If the orphaned server-level principal owns a database user, the database user must be removed before the orphaned server principal can be removed. To remove a database user, use DROP USER. If the server-level principal owns securables in the database, ownership of the securables must be transferred or they must be dropped. To transfer ownership of database securables, use ALTER AUTHORIZATION.
To remove mappings to Windows users and groups that no longer exist, use DROP LOGIN.
Requires membership in the sysadmin or securityadmin fixed server role.
The following example displays the Windows users and groups that no longer exist but are still granted access to an instance of [!INCLUDEssNoVersion].
EXEC sp_validatelogins;
GO
System Stored Procedures (Transact-SQL)
Security Stored Procedures (Transact-SQL)
DROP USER (Transact-SQL)
DROP LOGIN (Transact-SQL)
ALTER AUTHORIZATION (Transact-SQL)