I already used Microsoft.SqlServer.Management.Smo.Login in Powershell to create SQL-login with no problem.
Just for the new SQL-login created, how could I use Powershell to set its permissions as image show below? (I want to set "View any database" to be "Deny").
Thanks heaps!
#Valid serverpermissions:
#AdministerBulkOperations AlterAnyConnection AlterAnyCredential AlterAnyDatabase AlterAnyEndpoint AlterAnyEventNotification
#AlterAnyLinkedServer AlterAnyLogin AlterAnyServerAudit AlterResources AlterServerState AlterSettings AlterTrace AuthenticateServer
#ConnectSql ControlServer CreateAnyDatabase CreateDdlEventNotification CreateEndpoint CreateTraceEventNotification ExternalAccessAssembly
#UnsafeAssembly ViewAnyDatabase ViewAnyDefinition ViewServerState
#Set variables
$ServerInstance = ""
$name = ""
$action = ""
$server = new-object ("Microsoft.SqlServer.Management.Smo.Server") $ServerInstance
$perm = new-object ('Microsoft.SqlServer.Management.Smo.ServerPermissionSet')
$perm.$($permission.ToString()) = $true
switch ($action)
{
'Grant' { $server.Grant($perm,$name) }
'Deny' { $server.Deny($perm,$name) }
'Revoke' { $server.Revoke($perm,$name) }
}
Assuming the SQL PowerShell module is loaded, I use this:
$Instance=Get-Item -Path "SQLSERVER:\SQL\$env:COMPUTERNAME\<instance name>"
$DBPermSet=[Microsoft.SqlServer.Management.Smo.ServerPermissionSet]::new()
$DBPermSet.Add([Microsoft.SqlServer.Management.Smo.ServerPermission]::ViewAnyDatabase)
$Instance.Deny($DBPermSet,"<user name>")
GRANTandDENYstatements instead of messing around with management objects.