forked from ktaranov/sqlserver-kit
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathWhiteListIPTable.sql
More file actions
59 lines (52 loc) · 1.31 KB
/
WhiteListIPTable.sql
File metadata and controls
59 lines (52 loc) · 1.31 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
/*
Author: Patrick Keisler
Original link: http://www.patrickkeisler.com/2017/05/create-whitelist-for-sql-server-updated.html
*/
USE master;
GO
IF OBJECT_ID('dbo.WhiteList') IS NOT NULL
DROP TABLE dbo.WhiteList;
GO
CREATE TABLE dbo.WhiteList
(
Id INT IDENTITY(1,1) PRIMARY KEY
,LoginName VARCHAR(255)
,HostName VARCHAR(255)
,HostIpAddress VARCHAR(50)
,Comments VARCHAR(2000)
);
GO
GRANT SELECT ON dbo.WhiteList TO PUBLIC;
GO
INSERT dbo.WhiteList(LoginName,HostName,HostIpAddress,Comments)
VALUES
('*','ECHOBASE1','*','Any user from the workstation "ECHOBASE1" is allowed to connect, regardless of IP address.')
,('WebSiteLogin','webserver1','192.168.100.55','Only the WebSiteLogin from webserver1 with an IP of 192.168.100.55 is allowed access.');
GO
CREATE TRIGGER WhiteListTrigger
ON ALL SERVER FOR LOGON
AS
BEGIN
DECLARE
@LoginName VARCHAR(255) = ORIGINAL_LOGIN()
,@HostName VARCHAR(255) = HOST_NAME()
,@HostIpAddress VARCHAR(50) = CONVERT(VARCHAR(50),CONNECTIONPROPERTY('client_net_address'));
IF
(
SELECT COUNT(*) FROM dbo.WhiteList
WHERE
(
(LoginName = @LoginName) OR (LoginName = '*')
)
AND
(
(HostName = @HostName) OR (HostName = '*')
)
AND
(
(HostIpAddress = @HostIpAddress) OR (HostIpAddress = '*')
)
) = 0
ROLLBACK;
END;
GO