Home/ Questions/Q 6333881
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-24T18:33:07+00:00

Is there a check I can make to see if a user has modify

  • 0

Is there a check I can make to see if a user has modify rights to any object on the server without running the query as that user?

I need to create a logon audit report that lists logon times for accounts that have insert/update access for something on the server(i.e. on any database on the server)

This also needs to not impact performance(if possible) or have the smallest impact.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    From this article:

    select sys.schemas.name 'Schema', sys.objects.name Object, sys.database_principals.name username, sys.database_permissions.type permissions_type,
     sys.database_permissions.permission_name, 
     sys.database_permissions.state permission_state,
     sys.database_permissions.state_desc,
     state_desc + ' ' + permission_name + ' on ['+ sys.schemas.name + '].[' + sys.objects.name + '] to [' + sys.database_principals.name + ']' COLLATE LATIN1_General_CI_AS
 from sys.database_permissions
 join sys.objects on sys.database_permissions.major_id = 
     sys.objects.object_id
 join sys.schemas on sys.objects.schema_id = sys.schemas.schema_id
 join sys.database_principals on sys.database_permissions.grantee_principal_id = 
     sys.database_principals.principal_id
 order by 1, 2, 3, 5

    You would want to filter by username. And keep in mind this shows only the explicitly defined permissions (and deny rules), not effective permissions.

    • 0