Skip to main content
Post a question

Notifications

Announcements

🌸 Community Spring Festival 2025 Challenge 🌸
News and Announcements icon
Community site session details

Community site session details

Session Id : DlOsAeTvu1b1dhMV6k8UmF
Dynamics 365 Community / Forums / Microsoft Dynamics GP (Archived) / Need Capture Logins Sc...
Microsoft Dynamics GP (Archived)

Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

Like (0) ShareShare
ReportReport
Posted on 30 Aug 2018 04:09:09 by Peggy L. Aitken 244

Does anyone have an updated Capture Logins Script that can be run on data running on SQL Server 2014 to be restored to a new server running SQL Server 2016?  I don't find anything past Sql Server 2012.

Thanks in advance for your help!

*This post is locked for comments

  • Suggested answer
    Peggy L. Aitken Profile Picture
    Peggy L. Aitken 244 on 04 Nov 2018 at 18:55:14
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    Thank You Mario.  This one worked for me!

  • Jen Kuntz Profile Picture
    Jen Kuntz 3,220 on 18 Sep 2018 at 17:51:12
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    Hi Peggy,

    Did Mariano or Derek's suggestions work? If so please consider marking one/both of them as an answer to your question, to help out the next person who asks!

    Thx

    Jen

  • Suggested answer
    Mariano Gomez Profile Picture
    Mariano Gomez 26,225 on 30 Aug 2018 at 19:53:16
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    This should work:

    1. 	/************************************************************************************************
    2. 	*
    3. 	*	Purpose:	To capture all the SQL Server logins with the binary password regardless of SQL version.  
    4. 	*				Script is compatiable with SQL 7 / 2000 / 2005/ 2008 / 2008R2 / 2012. 
    5. 	*				Need to save the results to a text file and run within a new query window.
    6. 	*
    7. 	*	Created Date:	Inital - 01/13/2006
    8. 	*
    9. 	*	Revsions:	01/15/2006 - Made some formatting changes to the output text.
    10. 	*			01/16/2006 - Made syntax change to account for Binary version of SQL Server.
    11. 	*			01/16/2006 - Change version SQL version check because of syntax differences between SQL 2000 and 2005 with @@version.
    12. 	*			04/10/2007 - Made change to deal with user names that begin with numbers instead of characters.
    13. 	*           11/14/2008 - Made syntax change to update for SQL 2008
    14.     *           08/26/2010 - Made syntax change to update for SQL 2008 R2    
    15. 	*			12/20/2012 - Made syntax change to update for SQL 2012
    16. 	*			05/02/2014 - Changed version number check to handle SQL 2012 SP1 (and all future versions)
    17. 	*
    18. 	************************************************************************************************/
    19.  
    20. 	USE master
    21. 	GO
    22. 	IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
    23. 	  DROP PROCEDURE sp_hexadecimal
    24. 	GO
    25. 	CREATE PROCEDURE sp_hexadecimal
    26. 		@binvalue varbinary(256),
    27. 		@hexvalue varchar(256) OUTPUT
    28. 	AS
    29. 	DECLARE @charvalue varchar(256)
    30. 	DECLARE @i int
    31. 	DECLARE @length int
    32. 	DECLARE @hexstring char(16)
    33. 	SELECT @charvalue = '0x'
    34. 	SELECT @i = 1
    35. 	SELECT @length = DATALENGTH (@binvalue)
    36. 	SELECT @hexstring = '0123456789ABCDEF'
    37. 	WHILE (@i <= @length)
    38. 	BEGIN
    39. 	  DECLARE @tempint int
    40. 	  DECLARE @firstint int
    41. 	  DECLARE @secondint int
    42. 	  SELECT @tempint = CONVERT(int, SUBSTRING(@binvalue,@i,1))
    43. 	  SELECT @firstint = FLOOR(@tempint/16)
    44. 	  SELECT @secondint = @tempint - (@firstint*16)
    45. 	  SELECT @charvalue = @charvalue +
    46. 		SUBSTRING(@hexstring, @firstint+1, 1) +
    47. 		SUBSTRING(@hexstring, @secondint+1, 1)
    48. 	  SELECT @i = @i + 1
    49. 	END
    50. 	SELECT @hexvalue = @charvalue
    51. 	GO
    52.  
    53. 	IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL
    54. 	  DROP PROCEDURE sp_help_revlogin
    55. 	GO
    56. 	CREATE PROCEDURE sp_help_revlogin @login_name sysname = NULL AS
    57. 	DECLARE @name    sysname
    58. 	DECLARE @xstatus int
    59. 	DECLARE @binpwd  varbinary (256)
    60. 	DECLARE @txtpwd  sysname
    61. 	DECLARE @tmpstr  varchar (256)
    62. 	DECLARE @SID_varbinary varbinary(85)
    63. 	DECLARE @SID_string varchar(256)
    64.  
    65. 	IF (@login_name IS NULL)
    66. 	  DECLARE login_curs CURSOR FOR
    67. 		SELECT sid, name, xstatus, password FROM master..sysxlogins
    68. 		WHERE srvid IS NULL AND name <> 'sa'
    69. 	ELSE
    70. 	  DECLARE login_curs CURSOR FOR
    71. 		SELECT sid, name, xstatus, password FROM master..sysxlogins
    72. 		WHERE srvid IS NULL AND name = @login_name
    73. 	OPEN login_curs
    74. 	FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd
    75. 	IF (@@fetch_status = -1)
    76. 	BEGIN
    77. 	  PRINT 'No login(s) found.'
    78. 	  CLOSE login_curs
    79. 	  DEALLOCATE login_curs
    80. 	  RETURN -1
    81. 	END
    82. 	SET @tmpstr = '/* sp_help_revlogin script '
    83. 	PRINT @tmpstr
    84. 	SET @tmpstr = '** Generated '
    85. 	  + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
    86. 	PRINT @tmpstr
    87. 	PRINT ''
    88. 	PRINT 'DECLARE @pwd sysname'
    89. 	WHILE (@@fetch_status <> -1)
    90. 	BEGIN
    91. 	  IF (@@fetch_status <> -2)
    92. 	  BEGIN
    93. 		PRINT ''
    94. 		SET @tmpstr = '-- Login: ' + @name
    95. 		PRINT @tmpstr
    96. 		IF (@xstatus & 4) = 4
    97. 		BEGIN -- NT authenticated account/group
    98. 		  IF (@xstatus & 1) = 1
    99. 		  BEGIN -- NT login is denied access
    100. 			SET @tmpstr = 'EXEC master..sp_denylogin ''' + @name + ''''
    101. 			PRINT @tmpstr
    102. 		  END
    103. 		  ELSE BEGIN -- NT login has access
    104. 			SET @tmpstr = 'EXEC master..sp_grantlogin ''' + @name + ''''
    105. 			PRINT @tmpstr
    106. 		  END
    107. 		END
    108. 		ELSE BEGIN -- SQL Server authentication
    109. 		  IF (@binpwd IS NOT NULL)
    110. 		  BEGIN -- Non-null password
    111. 			EXEC sp_hexadecimal @binpwd, @txtpwd OUT
    112. 			IF (@xstatus & 2048) = 2048
    113. 			  SET @tmpstr = 'SET @pwd = CONVERT (varchar(256), ' + @txtpwd + ')'
    114. 			ELSE
    115. 			  SET @tmpstr = 'SET @pwd = CONVERT (varbinary(256), ' + @txtpwd + ')'
    116. 			PRINT @tmpstr
    117. 		EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT
    118. 			SET @tmpstr = 'EXEC master..sp_addlogin ''' + @name + ''
    119. 			  + ''', @pwd, @sid = ' + @SID_string + ', @encryptopt = '
    120. 		  END
    121. 		  ELSE BEGIN
    122. 			-- Null password
    123. 		EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT
    124. 			SET @tmpstr = 'EXEC master..sp_addlogin ''' + @name + ''
    125. 			  + ''', NULL, @sid = ' + @SID_string + ', @encryptopt = '
    126. 		  END
    127. 		  IF (@xstatus & 2048) = 2048
    128. 			-- login upgraded from 6.5
    129. 			SET @tmpstr = @tmpstr + '''skip_encryption_old'''
    130. 		  ELSE
    131. 			SET @tmpstr = @tmpstr + '''skip_encryption'''
    132. 		  PRINT @tmpstr
    133. 		END
    134. 	  END
    135. 	  FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd
    136. 	  END
    137. 	CLOSE login_curs
    138. 	DEALLOCATE login_curs
    139. 	RETURN 0
    140. 	GO
    141.  
    142. 	IF OBJECT_ID ('seeMigrateSQLLogins') IS NOT NULL
    143. 	  DROP PROCEDURE seeMigrateSQLLogins
    144. 	GO
    145. 	create procedure seeMigrateSQLLogins @login_name sysname = NULL
    146. 	as
    147. 	DECLARE @name sysname
    148. 	DECLARE @type varchar (1)
    149. 	DECLARE @hasaccess int
    150. 	DECLARE @denylogin int
    151. 	DECLARE @is_disabled int
    152. 	DECLARE @PWD_varbinary  varbinary (256)
    153. 	DECLARE @PWD_string  varchar (514)
    154. 	DECLARE @SID_varbinary varbinary (85)
    155. 	DECLARE @SID_string varchar (514)
    156. 	DECLARE @tmpstr  varchar (1024)
    157. 	DECLARE @is_policy_checked varchar (3)
    158. 	DECLARE @is_expiration_checked varchar (3)
    159.  
    160. 	DECLARE @defaultdb sysname
    161.  
    162. 	IF (@login_name IS NULL)
    163. 	  DECLARE login_curs CURSOR FOR
    164.  
    165. 		  SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM 
    166. 	sys.server_principals p LEFT JOIN sys.syslogins l
    167. 		  ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name <> 'sa'
    168. 	ELSE
    169. 	  DECLARE login_curs CURSOR FOR
    170.  
    171.  
    172. 		  SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM 
    173. 	sys.server_principals p LEFT JOIN sys.syslogins l
    174. 		  ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name = @login_name
    175. 	OPEN login_curs
    176.  
    177. 	FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
    178. 	IF (@@fetch_status = -1)
    179. 	BEGIN
    180. 	  PRINT 'No login(s) found.'
    181. 	  CLOSE login_curs
    182. 	  DEALLOCATE login_curs
    183. 	  RETURN -1
    184. 	END
    185. 	SET @tmpstr = '/* sp_help_revlogin script '
    186. 	PRINT @tmpstr
    187. 	SET @tmpstr = '** Generated ' + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
    188. 	PRINT @tmpstr
    189. 	PRINT ''
    190. 	WHILE (@@fetch_status <> -1)
    191. 	BEGIN
    192. 	  IF (@@fetch_status <> -2)
    193. 	  BEGIN
    194. 		PRINT ''
    195. 		SET @tmpstr = '-- Login: ' + @name
    196. 		PRINT @tmpstr
    197. 		IF (@type IN ( 'G', 'U'))
    198. 		BEGIN -- NT authenticated account/group
    199.  
    200. 		  SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'
    201. 		END
    202. 		ELSE BEGIN -- SQL Server authentication
    203. 			-- obtain password and sid
    204. 				SET @PWD_varbinary = CAST( LOGINPROPERTY( @name, 'PasswordHash' ) AS varbinary (256) )
    205. 			EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT
    206. 			EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT
    207.  
    208. 			-- obtain password policy state
    209. 			SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name
    210. 			SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name
    211.  
    212. 				SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' WITH PASSWORD = ' + @PWD_string + ' HASHED, SID = ' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'
    213.  
    214. 			IF ( @is_policy_checked IS NOT NULL )
    215. 			BEGIN
    216. 			  SET @tmpstr = @tmpstr + ', CHECK_POLICY = ' + @is_policy_checked
    217. 			END
    218. 			IF ( @is_expiration_checked IS NOT NULL )
    219. 			BEGIN
    220. 			  SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION = ' + @is_expiration_checked
    221. 			END
    222. 		END
    223. 		IF (@denylogin = 1)
    224. 		BEGIN -- login is denied access
    225. 		  SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO ' + QUOTENAME( @name )
    226. 		END
    227. 		ELSE IF (@hasaccess = 0)
    228. 		BEGIN -- login exists but does not have access
    229. 		  SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO ' + QUOTENAME( @name )
    230. 		END
    231. 		IF (@is_disabled = 1)
    232. 		BEGIN -- login is disabled
    233. 		  SET @tmpstr = @tmpstr + '; ALTER LOGIN ' + QUOTENAME( @name ) + ' DISABLE'
    234. 		END
    235. 		PRINT @tmpstr
    236. 	  END
    237.  
    238. 	  FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
    239. 	   END
    240. 	CLOSE login_curs
    241. 	DEALLOCATE login_curs
    242. 	RETURN 0
    243. 	GO
    244.  
    245. 	if cast(ltrim(substring(@@version, patindex('%[0-9].[0-9]%', @@version)-1,4)) as decimal(4,2)) >= 9.0
    246. 		Begin
    247. 			exec seeMigrateSQLLogins
    248. 		End
    249. 	Else
    250. 		begin
    251. 			exec sp_help_revlogin
    252. 		End
    253.  
    254. 	IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
    255. 	  DROP PROCEDURE sp_hexadecimal
    256. 	GO
    257. 	IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL
    258. 	  DROP PROCEDURE sp_help_revlogin
    259. 	GO
    260. 	IF OBJECT_ID ('seeMigrateSQLLogins') IS NOT NULL
    261. 	  DROP PROCEDURE seeMigrateSQLLogins
    262. 	GO
    263. /* End Script */


  • Derek Albaugh Profile Picture
    Derek Albaugh on 30 Aug 2018 at 18:38:42
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    The CaptureLogins script in KB 878449 hasn't been updated for anything newer than SQL 2012, I believe.

    Instead, you can use the following:

    KB 918992 - How to transfer logins and passwords between instances of SQL Server

    support.microsoft.com/.../how-to-transfer-logins-and-passwords-between-instances-of-sql-server

    I've sent this out before and it seems to work even on newer SQL versions.

    Thanks

  • Peggy L. Aitken Profile Picture
    Peggy L. Aitken 244 on 30 Aug 2018 at 18:04:12
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    Sandip,

    Thanks for the script but it didn't work.  Got the following error:  Msg 208, Level 16, State 1, Procedure sp_help_revlogin, Line 255

    Invalid object name 'master..sysxlogins'.

  • sandipdjadhav Profile Picture
    sandipdjadhav 18,286 on 30 Aug 2018 at 07:24:08
    RE: Need Capture Logins Script for SQL Server 2014 to Sql Server 2016

    Hello Peggy, 

    Please go through below script- I hope it will work.


    /************************************************************************************************
    *
    * Purpose: To capture all the SQL Server logins with the binary password regardless of SQL version.
    * Script is compatiable with SQL 7 / 2000 / 2005/ 2008 / 2008R2 / 2012.
    * Need to save the results to a text file and run within a new query window.
    *
    * Created Date: Inital - 01/13/2006
    *
    * Revsions: 01/15/2006 - Made some formatting changes to the output text.
    * 01/16/2006 - Made syntax change to account for Binary version of SQL Server.
    * 01/16/2006 - Change version SQL version check because of syntax differences between SQL 2000 and 2005 with @@version.
    * 04/10/2007 - Made change to deal with user names that begin with numbers instead of characters.
    * 11/14/2008 - Made syntax change to update for SQL 2008
    * 08/26/2010 - Made syntax change to update for SQL 2008 R2
    * 12/20/2012 - Made syntax change to update for SQL 2012
    * 04/30/2014 - Changed version number check to handle SQL 2012 SP1 (and all future versions)
    *
    ************************************************************************************************/

    USE master
    GO
    IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
    DROP PROCEDURE sp_hexadecimal
    GO
    CREATE PROCEDURE sp_hexadecimal
    @binvalue varbinary(256),
    @hexvalue varchar(256) OUTPUT
    AS
    DECLARE @charvalue varchar(256)
    DECLARE @i int
    DECLARE @length int
    DECLARE @hexstring char(16)
    SELECT @charvalue = '0x'
    SELECT @i = 1
    SELECT @length = DATALENGTH (@binvalue)
    SELECT @hexstring = '0123456789ABCDEF'
    WHILE (@i <= @length)
    BEGIN
    DECLARE @tempint int
    DECLARE @firstint int
    DECLARE @secondint int
    SELECT @tempint = CONVERT(int, SUBSTRING(@binvalue,@i,1))
    SELECT @firstint = FLOOR(@tempint/16)
    SELECT @secondint = @tempint - (@firstint*16)
    SELECT @charvalue = @charvalue +
    SUBSTRING(@hexstring, @firstint+1, 1) +
    SUBSTRING(@hexstring, @secondint+1, 1)
    SELECT @i = @i + 1
    END
    SELECT @hexvalue = @charvalue
    GO

    IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL
    DROP PROCEDURE sp_help_revlogin
    GO
    CREATE PROCEDURE sp_help_revlogin @login_name sysname = NULL AS
    DECLARE @name sysname
    DECLARE @xstatus int
    DECLARE @binpwd varbinary (256)
    DECLARE @txtpwd sysname
    DECLARE @tmpstr varchar (256)
    DECLARE @SID_varbinary varbinary(85)
    DECLARE @SID_string varchar(256)

    IF (@login_name IS NULL)
    DECLARE login_curs CURSOR FOR
    SELECT sid, name, xstatus, password FROM master..sysxlogins
    WHERE srvid IS NULL AND name <> 'sa'
    ELSE
    DECLARE login_curs CURSOR FOR
    SELECT sid, name, xstatus, password FROM master..sysxlogins
    WHERE srvid IS NULL AND name = @login_name
    OPEN login_curs
    FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd
    IF (@@fetch_status = -1)
    BEGIN
    PRINT 'No login(s) found.'
    CLOSE login_curs
    DEALLOCATE login_curs
    RETURN -1
    END
    SET @tmpstr = '/* sp_help_revlogin script '
    PRINT @tmpstr
    SET @tmpstr = '** Generated '
    + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
    PRINT @tmpstr
    PRINT ''
    PRINT 'DECLARE @pwd sysname'
    WHILE (@@fetch_status <> -1)
    BEGIN
    IF (@@fetch_status <> -2)
    BEGIN
    PRINT ''
    SET @tmpstr = '-- Login: ' + @name
    PRINT @tmpstr
    IF (@xstatus & 4) = 4
    BEGIN -- NT authenticated account/group
    IF (@xstatus & 1) = 1
    BEGIN -- NT login is denied access
    SET @tmpstr = 'EXEC master..sp_denylogin ''' + @name + ''''
    PRINT @tmpstr
    END
    ELSE BEGIN -- NT login has access
    SET @tmpstr = 'EXEC master..sp_grantlogin ''' + @name + ''''
    PRINT @tmpstr
    END
    END
    ELSE BEGIN -- SQL Server authentication
    IF (@binpwd IS NOT NULL)
    BEGIN -- Non-null password
    EXEC sp_hexadecimal @binpwd, @txtpwd OUT
    IF (@xstatus & 2048) = 2048
    SET @tmpstr = 'SET @pwd = CONVERT (varchar(256), ' + @txtpwd + ')'
    ELSE
    SET @tmpstr = 'SET @pwd = CONVERT (varbinary(256), ' + @txtpwd + ')'
    PRINT @tmpstr
    EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT
    SET @tmpstr = 'EXEC master..sp_addlogin ''' + @name + ''
    + ''', @pwd, @sid = ' + @SID_string + ', @encryptopt = '
    END
    ELSE BEGIN
    -- Null password
    EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT
    SET @tmpstr = 'EXEC master..sp_addlogin ''' + @name + ''
    + ''', NULL, @sid = ' + @SID_string + ', @encryptopt = '
    END
    IF (@xstatus & 2048) = 2048
    -- login upgraded from 6.5
    SET @tmpstr = @tmpstr + '''skip_encryption_old'''
    ELSE
    SET @tmpstr = @tmpstr + '''skip_encryption'''
    PRINT @tmpstr
    END
    END
    FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @xstatus, @binpwd
    END
    CLOSE login_curs
    DEALLOCATE login_curs
    RETURN 0
    GO

    IF OBJECT_ID ('seeMigrateSQLLogins') IS NOT NULL
    DROP PROCEDURE seeMigrateSQLLogins
    GO
    create procedure seeMigrateSQLLogins @login_name sysname = NULL
    as
    DECLARE @name sysname
    DECLARE @type varchar (1)
    DECLARE @hasaccess int
    DECLARE @denylogin int
    DECLARE @is_disabled int
    DECLARE @PWD_varbinary varbinary (256)
    DECLARE @PWD_string varchar (514)
    DECLARE @SID_varbinary varbinary (85)
    DECLARE @SID_string varchar (514)
    DECLARE @tmpstr varchar (1024)
    DECLARE @is_policy_checked varchar (3)
    DECLARE @is_expiration_checked varchar (3)

    DECLARE @defaultdb sysname

    IF (@login_name IS NULL)
    DECLARE login_curs CURSOR FOR

    SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
    sys.server_principals p LEFT JOIN sys.syslogins l
    ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name <> 'sa'
    ELSE
    DECLARE login_curs CURSOR FOR


    SELECT p.sid, p.name, p.type, p.is_disabled, p.default_database_name, l.hasaccess, l.denylogin FROM
    sys.server_principals p LEFT JOIN sys.syslogins l
    ON ( l.name = p.name ) WHERE p.type IN ( 'S', 'G', 'U' ) AND p.name = @login_name
    OPEN login_curs

    FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
    IF (@@fetch_status = -1)
    BEGIN
    PRINT 'No login(s) found.'
    CLOSE login_curs
    DEALLOCATE login_curs
    RETURN -1
    END
    SET @tmpstr = '/* sp_help_revlogin script '
    PRINT @tmpstr
    SET @tmpstr = '** Generated ' + CONVERT (varchar, GETDATE()) + ' on ' + @@SERVERNAME + ' */'
    PRINT @tmpstr
    PRINT ''
    WHILE (@@fetch_status <> -1)
    BEGIN
    IF (@@fetch_status <> -2)
    BEGIN
    PRINT ''
    SET @tmpstr = '-- Login: ' + @name
    PRINT @tmpstr
    IF (@type IN ( 'G', 'U'))
    BEGIN -- NT authenticated account/group

    SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' FROM WINDOWS WITH DEFAULT_DATABASE = [' + @defaultdb + ']'
    END
    ELSE BEGIN -- SQL Server authentication
    -- obtain password and sid
    SET @PWD_varbinary = CAST( LOGINPROPERTY( @name, 'PasswordHash' ) AS varbinary (256) )
    EXEC sp_hexadecimal @PWD_varbinary, @PWD_string OUT
    EXEC sp_hexadecimal @SID_varbinary,@SID_string OUT

    -- obtain password policy state
    SELECT @is_policy_checked = CASE is_policy_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name
    SELECT @is_expiration_checked = CASE is_expiration_checked WHEN 1 THEN 'ON' WHEN 0 THEN 'OFF' ELSE NULL END FROM sys.sql_logins WHERE name = @name

    SET @tmpstr = 'CREATE LOGIN ' + QUOTENAME( @name ) + ' WITH PASSWORD = ' + @PWD_string + ' HASHED, SID = ' + @SID_string + ', DEFAULT_DATABASE = [' + @defaultdb + ']'

    IF ( @is_policy_checked IS NOT NULL )
    BEGIN
    SET @tmpstr = @tmpstr + ', CHECK_POLICY = ' + @is_policy_checked
    END
    IF ( @is_expiration_checked IS NOT NULL )
    BEGIN
    SET @tmpstr = @tmpstr + ', CHECK_EXPIRATION = ' + @is_expiration_checked
    END
    END
    IF (@denylogin = 1)
    BEGIN -- login is denied access
    SET @tmpstr = @tmpstr + '; DENY CONNECT SQL TO ' + QUOTENAME( @name )
    END
    ELSE IF (@hasaccess = 0)
    BEGIN -- login exists but does not have access
    SET @tmpstr = @tmpstr + '; REVOKE CONNECT SQL TO ' + QUOTENAME( @name )
    END
    IF (@is_disabled = 1)
    BEGIN -- login is disabled
    SET @tmpstr = @tmpstr + '; ALTER LOGIN ' + QUOTENAME( @name ) + ' DISABLE'
    END
    PRINT @tmpstr
    END

    FETCH NEXT FROM login_curs INTO @SID_varbinary, @name, @type, @is_disabled, @defaultdb, @hasaccess, @denylogin
    END
    CLOSE login_curs
    DEALLOCATE login_curs
    RETURN 0
    GO

    if (ltrim(substring(@@version, patindex('%[0-9].[0-9]%', @@version)-1,4)) in ('9.0','10.0','10.5','11.0') )
    Begin
    exec seeMigrateSQLLogins
    End
    Else
    begin
    exec sp_help_revlogin
    End

    IF OBJECT_ID ('sp_hexadecimal') IS NOT NULL
    DROP PROCEDURE sp_hexadecimal
    GO
    IF OBJECT_ID ('sp_help_revlogin') IS NOT NULL
    DROP PROCEDURE sp_help_revlogin
    GO
    IF OBJECT_ID ('seeMigrateSQLLogins') IS NOT NULL
    DROP PROCEDURE seeMigrateSQLLogins
    GO
    /* End Script */

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

News and Announcements

🌸 Community Spring Festival 2025 Challenge 🌸

Quick Links

🌸 Community Spring Festival 2025 Challenge 🌸

WIN Power Platform Community Conference 2025 tickets!

Jonas ”Jones” Melgaard – Community Spotlight

We are honored to recognize Jonas "Jones" Melgaard as our April 2025…

Kudos to the March Top 10 Community Stars!

Thanks for all your good work in the Community!

Leaderboard

#1
André Arnaud de Calavon Profile Picture

André Arnaud de Cal... 293,729 Super User 2025 Season 1

#2
Martin Dráb Profile Picture

Martin Dráb 232,718 Most Valuable Professional

#3
nmaenpaa Profile Picture

nmaenpaa 101,158 Moderator

Leaderboard

Featured topics

Product updates

Dynamics 365 release plans