-
Notifications
You must be signed in to change notification settings - Fork 224
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
SqlDatabasePermission: Cannot grant or remove connect permission to the guest user #1134
Comments
We should be able to grant or revoke connect permission as per Best Practices Recommendations. But because this resource wrongly handles logins (which I think only SqlServerLogin should do), that was raised in issue #848 too. This resource can't handle the guest user because their will never be an accompanying login for that user. |
I will label this as a bug and help wanted so that someone in the community can run with this. |
Oops, wrongly closed the issue. Sorry about that. Reopened. |
- SqlDatabasePermission - BREAKING CHANGE: The resource no longer create the database user if it does not exist. Use the resource _SqlDatabaseUser_ to enforce that the database user exist in the database prior to setting permissions using this resource (issue #848). - BREAKING CHANGE: The resource no longer checks if a login exist so that it is possible to set permissions for database users that does not have a login, e.g. the database user 'guest' (issue #1134). - Updated examples. - Added integration tests (issue #741). - Get-TargetResource will no longer throw an exception if the database does not exist.
This will be fixed in the next release. |
I'm probably doing something that i should not. I am dynamically generating a number of mof files based on my current environment to test a few controls with DSCEA but in any case the mof file that gets generated for my server has a section that looks like the following
using dscea against my server results in something like
WARNING: PowerShell DSC resource MSFT_SqlDatabasePermission failed to execute Test-TargetResource functionality with error message: Login 'guest' does not exist on SQ
L server 'abbsus201\MSSQLSERVER'.
But it clearly does$(Get-SqlInstance -ServerInstance localhost).Databases | where-object { $ .name -notin @("master",
PS > (
"msdb", "tempdb") -and "guest" -in $.users.name }).name
model
ReportServer
ReportServerTempDB
SUSDB
The text was updated successfully, but these errors were encountered: