-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathspAlwaysOn_Check_PrimaryServerObjects.sql
258 lines (221 loc) · 10.4 KB
/
spAlwaysOn_Check_PrimaryServerObjects.sql
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
SET ANSI_NULLS ON
GO
SET QUOTED_IDENTIFIER ON
GO
/*
Description: Checks Secondary Server for missing logins,server roles,server role memberships,linked servers, jobs etc.
Execute this script on the secondary server ssms (Login failed for user 'NT AUTHORITY\ANONYMOUS LOGON'.)
*/
CREATE OR ALTER PROCEDURE [dbo].[spAlwaysOn_Check_PrimaryServerObjects]
AS
BEGIN
SET NOCOUNT ON;
DECLARE @lcSQL NVARCHAR(MAX), @lcPrimaryReplica VARCHAR(128)=NULL;
IF (@lcPrimaryReplica IS NULL) BEGIN;
/*Get Primary replica name*/
SELECT TOP 1 @lcPrimaryReplica=primary_replica
FROM sys.dm_hadr_availability_group_states hags
INNER JOIN sys.availability_groups ag ON ag.group_id = hags.group_id
IF (@lcPrimaryReplica IS NULL) BEGIN;
PRINT N'Primary Replica missing';
RETURN;
END;
END;
IF (@lcPrimaryReplica=@@SERVERNAME) BEGIN;
PRINT 'Execute this script on the secondary server'
RETURN;
END;
DROP TABLE IF EXISTS #Result;
CREATE TABLE #Result (ObjectName VARCHAR(500),Description VARCHAR(MAX) );
DECLARE @primaryLogins TABLE (
[name] VARCHAR(128) NOT NULL,
[Hash] VARBINARY(8000)
);
SET @lcSQL=N'
SELECT sp.[name],
HASHBYTES(''SHA2_512'', CONVERT(VARCHAR(MAX),ISNULL(sp.[name],''''))+ CONVERT(VARCHAR(MAX),ISNULL(sp.default_database_name,''''))+ CONVERT(VARCHAR(MAX),ISNULL(sp.default_language_name,''''))+ CONVERT(VARCHAR(MAX),ISNULL(l.is_policy_checked,0)) + CONVERT(VARCHAR(MAX),ISNULL(l.is_expiration_checked,0)))
FROM ['+@lcPrimaryReplica+'].master.sys.server_principals AS sp
LEFT JOIN ['+@lcPrimaryReplica+'].master.sys.sql_logins AS l ON sp.[sid]=l.[sid]
WHERE sp.[type] IN (''U'', ''G'', ''S'') AND
sp.[name] NOT LIKE ''NT Service\%'' AND
sp.[name] NOT IN (''NT AUTHORITY\SYSTEM'')';
INSERT INTO @primaryLogins
EXECUTE sp_executesql @lcSQL;
---Server roles
DECLARE @primaryRoles TABLE (
[name] VARCHAR(128) NOT NULL
);
SET @lcSQL=N'
SELECT sr.[name]
FROM ['+@lcPrimaryReplica+'].master.sys.server_principals AS sr
WHERE sr.is_fixed_role=0 AND
sr.[type]=''R''';
INSERT INTO @primaryRoles
EXECUTE sp_executesql @lcSQL;
--- Role üyelikleri
DECLARE @primaryMembers TABLE (
[role_name] VARCHAR(128) NOT NULL,
[member_name] VARCHAR(128) NOT NULL
);
SET @lcSQL=N'
SELECT r.name, m.name
FROM ['+@lcPrimaryReplica+N'].master.sys.server_principals AS r
INNER JOIN ['+@lcPrimaryReplica+N'].master.sys.server_role_members AS rm ON r.principal_id=rm.role_principal_id
INNER JOIN ['+@lcPrimaryReplica+N'].master.sys.server_principals AS m ON rm.member_principal_id=m.principal_id';
INSERT INTO @primaryMembers
EXECUTE sp_executesql @lcSQL;
---Jobs
DECLARE @primaryJobs TABLE (
[name] VARCHAR(MAX) NOT NULL,
[stepname] VARCHAR(MAX) NOT NULL,
[schedulename] VARCHAR(MAX) NOT NULL,
[Hash] VARBINARY(8000)
);
---Linked Servers
DECLARE @primaryLinkedServers TABLE (
SRV_NAME sysname NULL, --Name of the linked server.
SRV_PROVIDERNAME nvarchar(128) NULL, --Friendly name of the OLE DB provider managing access to the specified linked server.
SRV_PRODUCT nvarchar(128) NULL, --Product name of the linked server.
SRV_DATASOURCE nvarchar(4000) NULL, --OLE DB data source property corresponding to the specified linked server.
SRV_PROVIDERSTRING nvarchar(4000) NULL, --OLE DB provider string property corresponding to the linked server.
SRV_LOCATION nvarchar(4000) NULL, --OLE DB location property corresponding to the specified linked server.
SRV_CAT sysname NULL
);
DECLARE @LinkedServers TABLE (
SRV_NAME sysname NULL, --Name of the linked server.
SRV_PROVIDERNAME nvarchar(128) NULL, --Friendly name of the OLE DB provider managing access to the specified linked server.
SRV_PRODUCT nvarchar(128) NULL, --Product name of the linked server.
SRV_DATASOURCE nvarchar(4000) NULL, --OLE DB data source property corresponding to the specified linked server.
SRV_PROVIDERSTRING nvarchar(4000) NULL, --OLE DB provider string property corresponding to the linked server.
SRV_LOCATION nvarchar(4000) NULL, --OLE DB location property corresponding to the specified linked server.
SRV_CAT sysname NULL
);
SET @lcSQL=N'
SELECT job.name,Step.step_name,S.name,
HASHBYTES(''SHA2_512'',
CONVERT(VARCHAR(MAX),ISNULL(job.name,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(job.description,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.step_name,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.subsystem,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(step.database_name,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.command,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.flags,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.additional_parameters,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(step.cmdexec_success_code,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_success_action,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_success_step_id,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_fail_action,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.retry_interval,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(S.name,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.enabled,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_type,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_interval,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_subday_type,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_subday_interval,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_relative_interval,'''')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_recurrence_factor,'''')) )
FROM ['+@lcPrimaryReplica+N'].msdb.dbo.sysjobs Job
LEFT JOIN ['+@lcPrimaryReplica+N'].msdb.dbo.sysjobsteps Step ON Step.job_id=job.job_id
LEFT JOIN ['+@lcPrimaryReplica+N'].msdb.dbo.sysjobschedules Schedule ON Schedule.job_id = Job.job_id
LEFT JOIN ['+@lcPrimaryReplica+N'].msdb.dbo.sysschedules S ON s.schedule_id=Schedule.schedule_id
';
INSERT INTO @primaryJobs
EXECUTE sp_executesql @lcSQL;
--- Login doesn't exist on the secondary
INSERT INTO #Result
SELECT p.[name] ,'Login Missing'
FROM @primaryLogins AS p
WHERE p.name NOT IN (SELECT name FROM master.sys.server_principals WHERE [type] IN ('U', 'G', 'S'));
INSERT INTO #Result
SELECT p.[name] ,'Login Definiton Different'
FROM @primaryLogins AS p
INNER JOIN master.sys.server_principals sp ON sp.name=p.name
LEFT JOIN master.sys.sql_logins AS l ON sp.[sid]=l.[sid]
WHERE
HASHBYTES('SHA2_512', CONVERT(VARCHAR(MAX),ISNULL(sp.[name],''))+ CONVERT(VARCHAR(MAX),ISNULL(sp.default_database_name,''))+ CONVERT(VARCHAR(MAX),ISNULL(sp.default_language_name,''))+ CONVERT(VARCHAR(MAX),ISNULL(l.is_policy_checked,0)) + CONVERT(VARCHAR(MAX),ISNULL(l.is_expiration_checked,0)))
!=p.[Hash]
--- Roles that don't exist on the secondary
INSERT INTO #Result
SELECT r.[name] ,'Server Role Missing'
FROM @primaryRoles AS r
WHERE name NOT IN (
SELECT name
FROM sys.server_principals
WHERE is_fixed_role=0 AND
[type]='R');
-------------------------------------------------------------------------------
---Role memberships:
INSERT INTO #Result
SELECT r.[name] + ' --> ' + m.[name],'Server Role Membership Extra User'
FROM sys.server_role_members AS rm
INNER JOIN sys.server_principals AS r ON r.principal_id=rm.role_principal_id
INNER JOIN sys.server_principals AS m ON m.principal_id=rm.member_principal_id
LEFT JOIN @primaryMembers AS pm ON pm.member_name=m.name AND pm.[role_name]=r.name
WHERE pm.role_name IS NULL;
--- Add server role memberships:
INSERT INTO #Result
SELECT pr.[name] + ' --> ' + pl.[name],'Server Role Membership Missing User'
FROM @primaryMembers AS pm
INNER JOIN @primaryLogins AS pl ON pm.member_name=pl.name
INNER JOIN @primaryRoles AS pr ON pm.role_name=pr.name
LEFT JOIN sys.server_principals AS r ON pm.role_name=r.name AND r.[type]='R'
LEFT JOIN sys.server_principals AS m ON pm.member_name=m.name
LEFT JOIN sys.server_role_members AS rm ON r.principal_id=rm.role_principal_id AND m.principal_id=rm.member_principal_id
WHERE rm.role_principal_id IS NULL;
-------------------------------------------------
--- Jobs
INSERT INTO #Result
SELECT DISTINCT p.[name] ,'Job Missing'
FROM @primaryJobs AS p
WHERE p.name NOT IN (SELECT name FROM msdb.dbo.sysjobs);
INSERT INTO #Result
SELECT DISTINCT p.[name] + ' --> ' + p.stepname ,'Job Step Missing'
FROM @primaryJobs AS p
INNER JOIN msdb.dbo.sysjobs job ON job.name=p.name
LEFT JOIN msdb.dbo.sysjobsteps Step ON Step.job_id=job.job_id AND Step.step_name=p.stepname
WHERE job.name=p.name AND step.step_name IS NULL
INSERT INTO #Result
SELECT DISTINCT p.[name] ,'Job Definition Different'
FROM @primaryJobs AS p
INNER JOIN msdb.dbo.sysjobs job ON job.name=p.name
LEFT JOIN msdb.dbo.sysjobsteps Step ON Step.job_id=job.job_id
LEFT JOIN msdb.dbo.sysjobschedules Schedule ON Schedule.job_id = Job.job_id
LEFT JOIN msdb.dbo.sysschedules S ON s.schedule_id=Schedule.schedule_id
WHERE job.name=p.name AND step.step_name=p.stepname AND s.name=p.schedulename AND
HASHBYTES('SHA2_512',
CONVERT(VARCHAR(MAX),ISNULL(job.name,'')) +
CONVERT(VARCHAR(MAX),ISNULL(job.description,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.step_name,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.subsystem,'')) +
CONVERT(VARCHAR(MAX),ISNULL(step.database_name,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.command,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.flags,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.additional_parameters,'')) +
CONVERT(VARCHAR(MAX),ISNULL(step.cmdexec_success_code,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_success_action,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_success_step_id,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.on_fail_action,'')) +
CONVERT(VARCHAR(MAX),ISNULL(Step.retry_interval,'')) +
CONVERT(VARCHAR(MAX),ISNULL(S.name,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.enabled,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_type,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_interval,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_subday_type,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_subday_interval,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_relative_interval,'')) +
CONVERT(VARCHAR(MAX),ISNULL(s.freq_recurrence_factor,'')) )!=p.[Hash]
-------------------------------------------------
--- Linked Servers
SET @lcSQL=N'EXEC '+@lcPrimaryReplica+N'.master.sys.sp_linkedservers';
INSERT INTO @primaryLinkedServers
EXECUTE sp_executesql @lcSQL;
INSERT INTO @LinkedServers
EXECUTE sys.sp_linkedservers;
INSERT INTO #Result
SELECT r.SRV_NAME ,'Linked Server Missing'
FROM @primaryLinkedServers AS r
WHERE r.SRV_NAME NOT IN (SELECT SRV_NAME FROM @LinkedServers);
-------------------------------------------------
SELECT * FROM #Result;
DROP TABLE #Result;
END