Skip to content

Export-DbaLogin: add option to export roles that the login or its users are members of #10037

New issue
New issue
Open
Open
Export-DbaLogin: add option to export roles that the login or its users are members of#10037
Labels
featuretriage requiredNew issue that has not been reviewed by maintainers
@ReeceGoding

Description

@ReeceGoding
ReeceGoding
opened on Dec 5, 2025

Summarize Functionality

Export-DbaLogin with -ObjectLevel is great for auditing permissions. However, it hides a nasty surprise. The long scripts it produces fool you into thinking that you must have everything, but it misses permissions granted to the user/login's roles. It scripts the membership of the role and I think it also scripts the CREATE ROLE, but it does not script any permissions for it. There should be a way to opt into this.

Is there a command that is similiar or close to what you are looking for?

Yes

Technical Details

Export-DbaDbRole is quite close, but a switch letting Export-DbaLogin opt into that this what I want.

Metadata

Metadata

Assignees

No one assigned

    Labels

    featuretriage requiredNew issue that has not been reviewed by maintainers

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions