Migrate users between SQL Server instances

There was such a task before me - to move the database server from one piece of iron to another. Without hesitation, I install SQL Server 2005 on another piece of hardware, restore the database from the backup and think that everything is OK. But it was not there…

As it turned out, users of SQL Server could not log in to the new server, which is quite natural, since their accounts remain on the old server.

What to do? After all, SQL Server 2005 does not have and did not have a tool for transferring accounts and in general nothing is provided for migrating from one piece of iron to another.
')
As a result, I came across an article from Microsoft, which describes the algorithm of actions ...


Initial data: there is server A - there are necessary logins on it, there is server B - it is necessary to transfer them (logins) to it.

Actions:

1. Connect using SQL Server Managment Studio to server A

2. Run the following script:

USE master
GO
IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
DROP PROCEDURE sp_hexadecimal
GO
CREATE PROCEDURE sp_hexadecimal
@binvalue varbinary (256),
@hexvalue varchar (514) OUTPUT
AS
DECLARE @charvalue varchar (514)
DECLARE @i int
DECLARE length int
DECLARE @hexstring char (16)
SELECT @charvalue = '0x'
SELECT @i = 1
SELECT length = DATALENGTH (@binvalue)
SELECT @hexstring = '0123456789ABCDEF'
WHILE (@i <= length )
BEGIN
DECLARE @tempint int
DECLARE @firstint int
DECLARE @seintint int
SELECT @tempint = CONVERT (int, SUBSTRING (@binvalue, @ i, 1))
SELECT @firstint = FLOOR (@ tempint / 16)
SELECT @seintint = @tempint - (@ firstint * 16)
SELECT @charvalue = @charvalue +
SUBSTRING (@hexstring, @ firstint + 1, 1) +
SUBSTRING (@hexstring, @ secondint + 1, 1)
SELECT @i = @i + 1
END

SELECT @hexvalue = @charvalue
GO
IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL
DROP PROCEDURE sp_help_revlogin
GO
CREATE PROCEDURE sp_help_revlogin @login_name sysname = NULL AS
DECLARE name sysname
DECLARE type varchar (1)
DECLARE @hasaccess int
DECLARE @denylogin int
DECLARE @is_disabled int
DECLARE @PWD_varbinary varbinary (256)
DECLARE @PWD_string varchar (514)
DECLARE @SID_varbinary varbinary (85)
DECLARE @SID_string varchar (514)
DECLARE @tmpstr varchar (1024)
DECLARE @is_policy_checked varchar (3)
DECLARE @is_expiration_checked varchar (3)

DECLARE @defaultdb sysname
IF (@login_name IS NULL)
DECLARE login_curs CURSOR FOR

SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
sys.server_principals p LEFT JOIN sys.syslogins l
ON (l.name = p.name) WHERE p.type IN ('S', 'G', 'U') AND p.name <> 'sa'
ELSE
DECLARE login_curs CURSOR FOR

SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
sys.server_principals p LEFT JOIN sys.syslogins l
ON (l.name = p.name) WHERE p.type IN ('S', 'G', 'U') AND p.name = @login_name
OPEN login_curs

FETCH NEXT FROM login_curs INTO @SID_varbinary, name , type , @is_disabled, @defaultdb, @hasaccess, @denylogin
IF (@@ fetch_status = -1)
BEGIN
PRINT 'Names not found.'
CLOSE login_curs
DEALLOCATE login_curs
RETURN -1
END
SET @tmpstr = '/ * sp_help_revlogin script'
PRINT @tmpstr
SET @tmpstr = '** Generated' + CONVERT (varchar, GETDATE ()) + 'on' + @@ SERVERNAME + '* /'
PRINT @tmpstr
PRINT ''
WHILE (@@ fetch_status <> -1)
BEGIN
IF (@@ fetch_status <> -2)
BEGIN
PRINT ''
SET @tmpstr = '- Login:' + name
PRINT @tmpstr
IF ( type IN ('G', 'U'))
BEGIN - NT authenticated account / group

SET @tmpstr = 'CREATE LOGIN' + QUOTENAME ( name ) + 'FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'
END
ELSE BEGIN - SQL Server authentication
- obtain password and sid
SET @PWD_varbinary = CAST (LOGINPROPERTY ( name , 'PasswordHash') AS varbinary (256))
EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT
EXEC sp_hexadecimal @SID_varbinary, @SID_string OUT
- obtain password policy state
SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = name
SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = name
SET @tmpstr = 'CREATE LOGIN' + QUOTENAME ( name ) + 'WITH PASSWORD =' + @PWD_string + 'HASHED, SID =' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'

IF (@is_policy_checked IS NOT NULL)
BEGIN
SET @tmpstr = @tmpstr + ', CHECK_POLICY =' + @is_policy_checked
END
IF (@is_expiration_checked IS NOT NULL)
BEGIN
SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION =' + @is_expiration_checked
END
END
IF (@denylogin = 1)
BEGIN - login is denied access
SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO '+ QUOTENAME ( name )
END
ELSE IF (@hasaccess = 0)
BEGIN - login exists
SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO '+ QUOTENAME ( name )
END
IF (@is_disabled = 1)
BEGIN - login is disabled
SET @tmpstr = @tmpstr + '; ALTER LOGIN '+ QUOTENAME ( name ) +' DISABLE '
END
PRINT @tmpstr
END

FETCH NEXT FROM login_curs INTO @SID_varbinary, name , type , @is_disabled, @defaultdb, @hasaccess, @denylogin
END
CLOSE login_curs
DEALLOCATE login_curs
RETURN 0
GO

3. The script creates 2 procedures. We need sp_help_revlogin. Perform this procedure on server A:

EXEC sp_help_revlogin

4. This procedure will create the necessary scripts for transferring logins to another server. From type strings

CREATE LOGIN [login] WITH PASSWORD = 0x0100F43F09430FB0C4B5F6F4.

select the ones you need. And run these scripts on server B.

5. Voila! Rejoice. =)

link to the original article here .