Please start any new threads on our new site at We've got lots of great SQL Server experts to answer whatever question you can come up with.

Our new SQL Server Forums are live! Come on over! We've restricted the ability to create new threads on these forums.

SQL Server Forums
Profile | Active Topics | Members | Search | Forum FAQ
Save Password
Forgot your Password?

 All Forums
 SQL Server 2005 Forums
 SQL Server Administration (2005)
 Deleted Active Directory Group
 Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

Starting Member

1 Posts

Posted - 10/15/2012 :  06:46:20  Show Profile  Reply with Quote

I have an issue where some users are able to access tables that you they shouldn't. I checked their Active Directory Group membership and confirmed that they belong to two groups that don't have permission to these tables. I then ran "EXEC sp_validatelogins" and I found a Group that appears to have been deleted from AD but still exists within SQL Logins and also in SQL Users. This group has db_owner permissions and the users did belong to the group before it was deleted. Even if this group was deleted from AD does the db_owner permission still apply for these users? Can I ran a query that would confirm this?


Flowing Fount of Yak Knowledge

United Kingdom
2179 Posts

Posted - 10/16/2012 :  01:54:44  Show Profile  Visit jackv's Homepage  Reply with Quote
For the user to have access - the AD group would have still be valid - as it needs to resolve against the A
Is it possible they are accesing via some other path?
Have you checked which groups these users are members of in the AD itself? Then cross - reference against SQL Server Logins?

Jack Vamvas
Go to Top of Page
  Previous Topic Topic Next Topic  
 Reply to Topic
 Printer Friendly
Jump To:
SQL Server Forums © 2000-2009 SQLTeam Publishing, LLC Go To Top Of Page
This page was generated in 0.02 seconds. Powered By: Snitz Forums 2000