Alter SQL Mirroring Endpoint Owner with Powershell

less than 1 minute read

Whilst using my Drop-SQLLogins function, which is one of my PowerShell Box Of Tricks series, it failed to delete logins on some servers with the error

Login domain\user’ has granted one or more permissions. Revoke the permission before dropping the login (Microsoft SQL Server, Error: 15173)

I used the Show-SQLPermissions function and added the .grantor property to try and locate the permission the account had granted but it came back blank. A bit of googling and a AHA moment and I remembered mirroring

I checked the mirroring endpoints

and found the endpoints with the user as the owner so I needed to change them

This can be done in T-SQL as follows

but to do it on many endpoints it is easier to do it with Powershell

I could then drop the user successfully

$svrs = ## list of servers Get-Content from text fiel etc

foreach ($svr in $svrs) {
    $server = New-Object Microsoft.SQLServer.Management.Smo.Server $svrs
    foreach ($endpoint in $server.Endpoints['Mirroring']) {
        if ($endpoint.Owner = 'Domain\User') {
            $endpoint.Owner = 'Domain\NEWUser'
            $endpoint.Alter()
        }        
    }
}

Twitter Facebook LinkedIn

Rob Sewell

Alter SQL Mirroring Endpoint Owner with Powershell

Comments

You May Also Enjoy

Using PowerShell to Automate StreamLabs OBS and Show Your Webcam in PowerPoint

#tsql2sday #130 - Automate your stress away - Getting more SSIS Agent Job information

The first page with GitHub Pages

Creating Azure SQL Database AAD Contained Database Users with an SPN using PowerShell, Secrets Management, Azure Key Vault, and dbatools