Get-SqlLogin
Returns Login objects in an instance of SQL Server.
Syntax
Get-SqlLogin
[-LoginName <String>]
[-Disabled]
[-Locked]
[-PasswordExpired]
[-HasAccess]
[-RegEx]
[-Wildcard]
[-LoginType <LoginType>]
[[-Path] <String>]
[-AccessToken <PSObject>]
[-TrustServerCertificate]
[-HostNameInCertificate <String>]
[-Encrypt <String>]
[<CommonParameters>] Get-SqlLogin
[-LoginName <String>]
[-Disabled]
[-Locked]
[-PasswordExpired]
[-HasAccess]
[-RegEx]
[-Wildcard]
[-LoginType <LoginType>]
[[-InputObject] <Server>]
[-AccessToken <PSObject>]
[-TrustServerCertificate]
[-HostNameInCertificate <String>]
[-Encrypt <String>]
[<CommonParameters>] Get-SqlLogin
[-LoginName <String>]
[-Disabled]
[-Locked]
[-PasswordExpired]
[-HasAccess]
[-RegEx]
[-Wildcard]
[-LoginType <LoginType>]
[[-ServerInstance] <String[]>]
[-Credential <PSCredential>]
[-ConnectionTimeout <Int32>]
[-AccessToken <PSObject>]
[-TrustServerCertificate]
[-HostNameInCertificate <String>]
[-Encrypt <String>]
[<CommonParameters>] Description
The Get-SqlLogin cmdlet returns Login objects in an instance of SQL Server. If you specify the name of the Login object, the cmdlet removes that specific object.
Examples
Example 1: Get all Login objects for an instance
PS C:\> Get-SqlLogin -ServerInstance "MyServerInstance"
Name Login Type Created
---- ---------- -------
##MS_PolicyEventProcessingLogin## SqlLogin 4/30/2016 12:46 AM
##MS_PolicyTsqlExecutionLogin## SqlLogin 4/30/2016 12:46 AM
NT AUTHORITY\SYSTEM WindowsUser 6/16/2016 10:29 AM
NT Service\MSSQLSERVER WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLSERVERAGENT WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLTELEMETRY WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLWriter WindowsUser 6/16/2016 10:29 AM
NT SERVICE\Winmgmt WindowsUser 6/16/2016 10:29 AM
sa SqlLogin 4/8/2003 9:10 AMThis command returns all Login objects in the instance of SQL Server named MyServerInstance.
Example 2: Get Login objects that match a regular expression
PS C:\> Get-SqlLogin -ServerInstance "MyServerInstance" -LoginName "\bNT.*" -RegEx
Name Login Type Created
---- ---------- -------
NT AUTHORITY\SYSTEM WindowsUser 6/16/2016 10:29 AM
NT Service\MSSQLSERVER WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLSERVERAGENT WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLTELEMETRY WindowsUser 6/16/2016 10:29 AM
NT SERVICE\SQLWriter WindowsUser 6/16/2016 10:29 AM
NT SERVICE\Winmgmt WindowsUser 6/16/2016 10:29 AMThis command returns Login objects that have names that match the regular expression "\bNT.*" in the instance of SQL Server named 'MyServerInstance'.
Example 3: Get Login objects of a type
PS C:\> Get-SqlLogin -ServerInstance "MyServerInstance" -LoginType SqlLogin
Name Login Type Created
---- ---------- -------
##MS_PolicyEventProcessingLogin## SqlLogin 4/30/2016 12:46 AM
##MS_PolicyTsqlExecutionLogin## SqlLogin 4/30/2016 12:46 AM
sa SqlLogin 4/8/2003 9:10 AMThis command returns Login objects that are of type SqlLogin in the instance of SQL Server named 'MyServerInstance'.
Parameters
-AccessToken
The access token used to authenticate to SQL Server, as an alternative to user/password or Windows Authentication.
This can be used, for example, to connect to SQL Azure DB and SQL Azure Managed Instance
using a Service Principal or a Managed Identity.
The parameter to use can be either a string representing the token or a PSAccessToken object as returned by running Get-AzAccessToken -ResourceUrl https://database.windows.net.
This parameter is new in v22 of the module.
| Type: | PSObject |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ConnectionTimeout
Specifies the number of seconds to wait for a server connection before a time-out failure. The time-out value must be an integer between 0 and 65534. If 0 is specified, connection attempts do not time out.
| Type: | Int32 |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Credential
Specifies a PSCredential object for the connection to SQL Server. To obtain a credential object, use the Get-Credential cmdlet. For more information, type Get-Help Get-Credential.
| Type: | PSCredential |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Disabled
Indicates that this cmdlet gets only disabled Login objects.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Encrypt
The encryption type to use when connecting to SQL Server.
This value maps to the Encrypt property SqlConnectionEncryptOption on the SqlConnection object of the Microsoft.Data.SqlClient driver.
In v22 of the module, the default is Optional (for compatibility with v21). In v23+ of the module, the default value will be 'Mandatory', which may create a breaking change for existing scripts.
This parameter is new in v22 of the module.
| Type: | String |
| Accepted values: | Mandatory, Optional, Strict |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HasAccess
Indicates that this cmdlet gets only Login objects that have access to the instance of SQL Server.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-HostNameInCertificate
The host name to be used in validating the SQL Server TLS/SSL certificate. You must pass this parameter if your SQL Server instance is enabled for Force Encryption and you want to connect to an instance using hostname/shortname. If this parameter is omitted then passing the Fully Qualified Domain Name (FQDN) to -ServerInstance is necessary to connect to a SQL Server instance enabled for Force Encryption.
This parameter is new in v22 of the module.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-InputObject
Specifies a SQL Server Management Objects (SMO) object the SQL Server for which this cmdlet gets Login objects.
| Type: | Server |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Locked
Indicates that this cmdlet gets only locked Login objects.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LoginName
Specifies an array of names of Login objects that this cmdlet gets. The case sensitivity is the same as that of the instance of SQL Server.
| Type: | String |
| Aliases: | Name |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-LoginType
Specifies the type of the Login objects that this cmdlet gets.
| Type: | LoginType |
| Accepted values: | WindowsUser, WindowsGroup, SqlLogin, Certificate, AsymmetricKey, ExternalUser, ExternalGroup |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PasswordExpired
Indicates that this cmdlet gets only Login objects that have expired passwords.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Path
Specifies the path of the SQL Server on which this cmdlet runs the operation. The default value is the current working directory.
| Type: | String |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-RegEx
Indicates that this cmdlet treats the value of the LoginName parameter as a regular expression.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ServerInstance
Specifies the name of an instance of SQL Server. For the default instance, specify the computer name. For named instances, use the format ComputerName\InstanceName.
| Type: | String[] |
| Position: | 1 |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-TrustServerCertificate
Indicates whether the channel will be encrypted while bypassing walking the certificate chain to validate trust.
In v22 of the module, the default is $true (for compatibility with v21). In v23+ of the module, the default value will be '$false', which may create a breaking change for existing scripts.
This parameter is new in v22 of the module.
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Wildcard
Indicates that this cmdlet interprets wildcard characters in the value of the LoginName parameter.
| Type: | SwitchParameter |
| Aliases: | Like |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.SqlServer.Management.Smo.Server
System.String[]