Skip to content

Commit 8fa07a3

Browse files
clairecadmanclairecadman
committed
(MODULES-8721) README edit
1 parent bddc857 commit 8fa07a3

File tree

1 file changed

+78
-60
lines changed

1 file changed

+78
-60
lines changed

README.md

Lines changed: 78 additions & 60 deletions
Original file line numberDiff line numberDiff line change
@@ -1063,48 +1063,59 @@ Default: `false`.
10631063

10641064
#### sqlserver::get_sql_logins
10651065

1066-
This task will retrieve information about a login, or a set of logins, from the sql instances running on a given node.
1067-
With no parameters specified it will return summary level information about all logins configured for all sql instances running on a given node or node set.
1068-
Use the `detailed` parameter to return more detailed information including the SID's and the name of the instance a login was retrieved from.
1066+
This task retrieves information about a login, or a set of logins, from the sql instances running on a node.
1067+
1068+
When no parameters are specified, it returns summary level information about all of the logins configured for all sql instances running on a node or node set.
1069+
1070+
Use the `detailed` parameter to return more detailed information, including the SID's and the name of the instance a login was retrieved from.
10691071

10701072
##### parameters
10711073

10721074
* **instance_name**
10731075

1074-
The name of the instance to query for logins. By default, leave blank for all instances running on a node.
1075-
Pass the values `.`, `MSSQLSERVER`, or the node name to query just the default instance.
1076-
Named instances can be referred to by either the short name of the instance, or by `<COMPUTERNAME>\<INSTANCE_NAME>`.
1077-
This is an optional parameter which will accept a single string or array of strings as input.
1076+
The name of the instance to query for logins. By default, leave blank for all instances running on a node.
1077+
1078+
Pass the values `.`, `MSSQLSERVER`, or the node name, to query the default instance.
1079+
1080+
Refer to named instances either by the short name of the instance or by `<COMPUTERNAME>\<INSTANCE_NAME>`.
1081+
1082+
This is an optional parameter which accepts a single string or array of strings as input.
10781083

10791084
* **login_name**
10801085

1081-
The name of a particular login to search for, or the search pattern for a set of logins.
1082-
If no value is passed to this variable then all logins are returned.
1083-
By default any values passed to this parameter are treated like a search string.
1084-
Searches are done using the PowerShell `-match` operator.
1085-
For example, if the string `sql` is passed to this parameter, logins such as `NT SERVICE\SQLWriter`
1086-
and `##MS_PolicyTsqlExecutionLogin##` will be returned in the result set.
1087-
If the `exact_match` parameter is set to true, then only exact matches are accepted and neither of those logins would have been returned.
1088-
This is an optional parameter which will accept a single string or array of strings as input.
1086+
The name of a particular login to search for, or the search pattern, for a set of logins. If no value is passed to this variable, all logins are returned. By default, any values passed to this parameter are treated like a search string.
1087+
1088+
Searches are done using the PowerShell `-match` operator. For example, if the string `sql` is passed to this parameter, logins such as `NT SERVICE\SQLWriter` and `##MS_PolicyTsqlExecutionLogin##` will be returned in the result set.
1089+
1090+
If the `exact_match` parameter is set to true, only exact matches are accepted and neither of those logins would have been returned.
1091+
1092+
This is an optional parameter which accepts a single string or an array of strings as input.
10891093

10901094
* **exact_match**
10911095

1092-
Set this to true to change the behavior of the `login_name` parameter so that only logins exactly matching one of the provided login_names is returned in the result set.
1093-
This is an optional parameter which will accept either `true` or `false`. It's default value is false.
1096+
Set this to true to change the behavior of the `login_name` parameter so that only logins exactly matching one of the provided login_names is returned in the result set.
1097+
1098+
This is an optional parameter which accepts either `true` or `false`. It's default value is false.
10941099

10951100
* **detailed**
10961101

1097-
This parameter causes the task to return a more detailed level of information for each login.
1098-
By default the list of properties returned about each login is: `Name`,`isDisabled`,`isLocked`,`IsPasswordExpired`,`CreateDate`,`DateLastModified`.
1099-
Setting this parameter to true adds in the following properties: `DefaultDatabase`,`DenyWindowsLogin`,`HasAccess`,`ID`,`IsSystemObject`,`Language`,`LanguageAlias`,`,LoginType`,`MustChangePassword`,`PasswordExpirationEnabled`,`PasswordHashAlgorithm`,`PasswordPolicyEnforced`,`SQLSID`,`ADSid`,`WindowsLoginAccessType`,`UserData`,`State`,`IsDesignMode`,`InstanceName`
1102+
This parameter causes the task to return a more detailed information for each login.
11001103

1101-
> **A note about `SQLSID` and `ADSID`.**
1104+
By default, the list of properties returned about each login is:
1105+
1106+
`Name`,`isDisabled`,`isLocked`,`IsPasswordExpired`,`CreateDate`,`DateLastModified`.
1107+
1108+
Setting this parameter to true adds in the following properties:
1109+
1110+
`DefaultDatabase`,`DenyWindowsLogin`,`HasAccess`,`ID`,`IsSystemObject`,`Language`,`LanguageAlias`,`,LoginType`,`MustChangePassword`,`PasswordExpirationEnabled`,`PasswordHashAlgorithm`,`PasswordPolicyEnforced`,`SQLSID`,`ADSid`,`WindowsLoginAccessType`,`UserData`,`State`,`IsDesignMode`,`InstanceName`
1111+
1112+
> **Note about `SQLSID` and `ADSID`.**
11021113
>
11031114
> The `SQLSID` property is this module's property name for the binary representation of a SID that SQLServer keeps internally in tables like `sys.server_principals`.
11041115
> It will look like `0x01` for accounts like `sa`, or something longer like `0x0106000000000009010000005FB6DAC7F7DB546D706711B128B5063888B01770` for other accounts.
1105-
> This `sid` does not look like a normal `sid` you might see outside of SQLServer, but it is returned as part of the detailed information to make it easier to correlate the logins returned by this module and query results from SQLServer.
1106-
> The `ADSID` property is a more normal looking `sid` you might get from PowerShell Active Directory query tools.
1107-
> It is a direct translation of that `SQLSID` into the Microsoft string `sid` form and will look something like `S-1-5-80-1402415987-66678372-3059512406-1823130485-2345841878`.
1116+
> This `sid` does not look like a normal `sid` you might see outside of SQLServer, but instead it is returned as part of the detailed information to make it easier to correlate the logins returned by this module and query results from SQLServer.
1117+
> The `ADSID` property is a more normal looking `sid` you might get from PowerShell Active Directory (AD) query tools.
1118+
> It is a direct translation of that `SQLSID` into the Microsoft string `sid` form and looks like `S-1-5-80-1402415987-66678372-3059512406-1823130485-2345841878`.
11081119
> This translation is done to make it easier to correlate SQLServer logins with AD users and detect when something like a user has been disconnected from its real AD SID.
11091120
> If the detailed information for a login does not contain a value for the AD SID property, it means that the login is internal to SQLServer and does not have a valid AD format `sid`.
11101121
@@ -1114,73 +1125,80 @@ Use the `detailed` parameter to return more detailed information including the S
11141125

11151126
* **instance_name**
11161127

1117-
The name of the instance to find the login you are setting properties on.
1118-
By default this parameter will use the default instance only.
1119-
Named instances can be referred to by either the short name of the instance, or by `<COMPUTERNAME>\<INSTANCE_NAME>`.
1120-
Specifying an instance name will access only that instance. To affect a login on more than one instance,
1121-
specify all of the required instance names as an array of values.
1122-
Pass the values `.`, `MSSQLSERVER`, or the node name to query only the default instance.
1123-
This is an optional parameter which will accept a single string or array of strings as input.
1128+
The name of the instance to find the login you are setting properties on. By default, this parameter only uses the default instance.
1129+
1130+
Refer to named instances by either the short name of the instance, or by `<COMPUTERNAME>\<INSTANCE_NAME>`.
1131+
1132+
Specifying an instance name will access only that instance. To affect a login on more than one instance, specify all of the required instance names as an array of values.
1133+
1134+
Pass the values `.`, `MSSQLSERVER`, or the node name to query only the default instance.
1135+
1136+
This is an optional parameter which will accept a single string or an array of strings as input.
11241137

11251138
* **login_name**
11261139

1127-
The name of a particular login to to set properties on.
1128-
By default this parameter expects an exact match. To use pattern matching see the `fuzzy_match` parameter.
1129-
This is an optional parameter which will accept a single string or array of strings as input.
1140+
1141+
The name of a particular login to set properties on. By default, this parameter expects an exact match. To use pattern matching, see the `fuzzy_match` parameter.
1142+
1143+
This is an optional parameter which accepts a single string or an array of strings as input.
11301144

11311145
* **fuzzy_match**
11321146

1133-
Modifies the behavior of the `login_name` parameter so that the value given is a login name pattern to match.
1134-
Searches are done using the PowerShell `-match` operator.
1135-
For example, if the string `sql` is passed to the `login_name` parameter, while `fuzzy_match` is set to true, logins such as `NT SERVICE\SQLWriter`
1136-
and `##MS_PolicyTsqlExecutionLogin##` will be returned in the result set.
1137-
This is an
1138-
optional parameter which will accept either `true` or `false`. Its default value is false.
1147+
1148+
Modifies the behavior of the `login_name` parameter so that the value given is a login name pattern to match.
1149+
1150+
Searches are done using the PowerShell `-match` operator. For example, if the string `sql` is passed to the `login_name` parameter, while `fuzzy_match` is set to true, logins such as `NT SERVICE\SQLWriter` and `##MS_PolicyTsqlExecutionLogin##` will be returned in the result set.
1151+
1152+
This is an optional parameter which accepts either `true` or `false`. Its default value is false.
11391153

11401154
* **enabled**
11411155

1142-
Set this parameter to true to enable a login and set to false to disable it.
1143-
This is an optional boolean parameter. The return value will be an element in the json return
1144-
specifying that the new value for the `isDisabled` property of the login object will be either `true` or `false`.
1156+
Set this parameter to true to enable a login. Set to false to disable it.
1157+
1158+
This is an optional boolean parameter. The return value will be an element in the json return specifying that the new value for the `isDisabled` property of the login object will be either `true` or `false`.
11451159

11461160
* **password**
11471161

1148-
Provide a value specifying the new password to use for a login.
1149-
Please note that there are possible string parsing issues when using this parameter.
1150-
For instance attempting to set a password `'pa$ssword#"'` may not parse correctly.
1151-
To get the double quote to end up in the password correctly you will need to triple quote escape the double quote,
1152-
like so `'pa$ssword#"""'`.
1153-
To ensure you password is interpreted and set correctly you may want to try to echo the password out using `bolt command run` first
1154-
to ensure the characters end up on the target node correctly like so, `bolt command run 'Write-Host ''This is """awesome""".'''`
1162+
Provide a value specifying the new password to use for a login. Note that there are possible string parsing issues when using this parameter. For example, attempting to set a password `'pa$ssword#"'` may not parse correctly.
1163+
1164+
To get the double quote to end up in the password correctly, triple quote escape the double quote, for example, `'pa$ssword#"""'`.
1165+
1166+
To ensure your password is interpreted and set correctly, try to echo the password out using `bolt command run` first to ensure that the characters end up on the target node correctly, for example, `bolt command run 'Write-Host ''This is """awesome""".'''`
11551167

11561168
##### noop
11571169

11581170
This task supports the `--noop` flag. The task will return json values indicating the
11591171
actions it would have taken and the logins it would have affected without actually taking any action.
1172+
11601173
It will not inspect and return to you what the state of a property was before taking the action.
1161-
Use this parameter especially when using the `fuzzy_match` parameter to ensure you are affecting
1162-
only the logins you intend to.
1174+
1175+
Use this parameter — especially when using the `fuzzy_match` parameter — to ensure that you are affecting only the logins you intend to.
11631176

11641177
#### sqlserver::get_sqlagent_jobs
11651178

11661179
##### parameters
11671180

11681181
* **instance_name**
11691182

1170-
The name of the instance to get job information from. Leave this variable blank to return information from all instances by default.
1171-
Named instances can be referred to by either the short name of the instance, or by `<COMPUTERNAME>\<INSTANCE_NAME>`. Specifying an instance name will access only that instance.
1172-
Pass the values `.`, `MSSQLSERVER`, or the node name to query only the default instance.
1173-
This is an optional parameter which will accept a single string or array of strings as input.
1183+
The name of the instance where you get the job information. Leave this variable blank to return information from all instances by default.
1184+
1185+
Refer to named instances by either the short name of the instance or by `<COMPUTERNAME>\<INSTANCE_NAME>`. Specifying an instance name will access only that instance.
1186+
1187+
Pass the values `.`, `MSSQLSERVER`, or the node name to query only the default instance.
1188+
1189+
This is an optional parameter which accepts a single string or array of strings as input.
11741190

11751191
* **job_name**
11761192

1177-
The name of a job, or the pattern to match on a jobs name.
1178-
This is an optional parameter which will accept a single string or array of strings as input.
1193+
The name of a job, or the pattern, to match on a jobs name.
1194+
1195+
This is an optional parameter which accepts a single string or array of strings as input.
11791196

11801197
* **exact_match**
11811198

1182-
Set this to true to change the behavior of the `job_name` parameter so that only jobs with names exactly matching one of the provided job_names is returned in the result set.
1183-
This is an optional parameter which will accept either `true` or `false`. It's default value is false.
1199+
Set this to true to change the behavior of the `job_name` parameter so that only jobs with names exactly matching one of the provided job_names is returned in the result set.
1200+
1201+
This is an optional parameter which will accept either `true` or `false`. It's default value is false.
11841202

11851203
### Microsoft SQL Server terms
11861204

0 commit comments

Comments
 (0)