mssql user permission and mapping gone after DB restore with REPLACE option

public cloud 6 Reputation points
2021-06-05T08:26:48.4+00:00

I dont know why is there no question or reference to this but it seems there is no way to restore user mapping and permission to databases after restoration of db with replace option. i get it user lost their permission because of the SID but why is there no easy way to fix this? sp_change_users_login is not working.

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
14,124 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Erland Sommarskog 113.3K Reputation points MVP
    2021-06-05T08:53:31.947+00:00

    When you restore a database, you restore a database, and if there was a database in place with the same name, this database is entirely flattened. There is no merge of logins or anything. BACKUP and RESTORE are low-level operations that works with pages with a minimal understanding of what is in those pages.

    If you are regularly restoring a database from one environment to another, and you want to retain permissions, logins created in the target environment, you need to cater for this by having a post-install script to permissions and users.

    When it comes to SID for SQL logins, they can be handled without post-processing, though. When you create a login you can say:

    CREATE LOGIN nisse WITH PASSWORD = 'ToppSikrit' SID = 0x.....

    So once you have created a login on one server, you capture the SID and the use this SID when you create a login with the same on the other servers.

    0 comments No comments

  2. CarrinWu-MSFT 6,876 Reputation points
    2021-06-07T03:31:10.827+00:00

    Hi @public cloud ,

    Welcome to Microsoft Q&A!

    A database user can become orphaned after a database is restored or attached to a different instance of SQL Server where the login was never created. Please refer to Troubleshoot orphaned users (SQL Server) to get more information. And this blog provide a way to solve this issue, see below:
    102699-1.png

    Best regards,
    Carrin


    If the answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.