databases/sql/README.org


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36

* =admins.sql=

#+begin_src sql
:r admins.sql
#+end_src

#+begin_src text
| UserName    | UserType     | DatabaseUserName | Role            | PermissionType | PermissionState | ObjectType           | ObjectName         | ColumnName |
|-------------+--------------+------------------+-----------------+----------------+-----------------+----------------------+--------------------+------------|
| SCOTT       | SQL User     | SCOTT            | NULL            | SELECT         | GRANT           | USER_TABLE           | EMPLOYEES          | NULL       |
| SCOTT       | SQL User     | SCOTT            | NULL            | INSERT         | GRANT           | USER_TABLE           | EMPLOYEES          | NULL       |
| HR          | SQL User     | HR               | NULL            | EXECUTE        | GRANT           | SQL_STORED_PROCEDURE | SP_GET_EMPLOYEE    | NULL       |
| APP_USER    | Windows User | APP_USER         | ApplicationRole | SELECT         | GRANT           | VIEW                 | vw_EmployeeDetails | NULL       |
| APP_USER    | Windows User | APP_USER         | ApplicationRole | INSERT         | GRANT           | USER_TABLE           | EMPLOYEES          | NULL       |
| {All Users} | {All Users}  | {All Users}      | public          | SELECT         | GRANT           | USER_TABLE           | EMPLOYEES          | NULL       |
| {All Users} | {All Users}  | {All Users}      | public          | EXECUTE        | GRANT           | SQL_STORED_PROCEDURE | SP_GET_EMPLOYEE    | NULL       |
#+end_src

* =passwords.py=

#+begin_src shell
python passwords.py
#+end_src

#+begin_src text
| Name  | Type      | Check Policy | Check Expiration | Reason                                                                                                                                        |
|-------+-----------+--------------+------------------+-----------------------------------------------------------------------------------------------------------------------------------------------|
| user1 | SQL_LOGIN | PASS         | FAIL             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is not enforced.                                      |
| user2 | SQL_LOGIN | FAIL         | FAIL             | Password policy is not enforced. Password expiration is not enforced.                                                                         |
| user3 | SQL_LOGIN | PASS         | FAIL             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is not enforced.                                      |
| user4 | SQL_LOGIN | PASS         | FAIL             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is not enforced.                                      |
| user5 | SQL_LOGIN | PASS         | FAIL             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is not enforced.                                      |
| user6 | SQL_LOGIN | PASS         | PASS             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. |
| user7 | SQL_LOGIN | PASS         | PASS             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. |
| user8 | SQL_LOGIN | PASS         | PASS             | Password policy is enforced. Reviewer to check the assigned policy. Password expiration is enforced. Reviewer to check the expiration policy. |
#+end_src