sync

2024-03-07 16:52:14 +01:00
parent bb404b6ce6
commit 859a324c7e
203 changed files with 68602 additions and 0 deletions
--- a/sequence/dba_storedProcedures/sp_ddl_sysadmin.sql
+++ b/sequence/dba_storedProcedures/sp_ddl_sysadmin.sql
@@ -0,0 +1,224 @@
+USE [HCITools]
+GO
+
+IF EXISTS (SELECT * FROM sys.objects o JOIN sys.schemas s ON o.schema_id = s.schema_id WHERE o.name = 'sp_ddl_sysadmin' AND OBJECTPROPERTY(object_id,N'IsProcedure') = 1 AND s.name = 'dba')
+  DROP PROCEDURE [dba].[sp_ddl_sysadmin]
+GO
+
+SET ANSI_NULLS ON
+GO
+
+SET QUOTED_IDENTIFIER ON
+GO
+
+
+
+
+
+CREATE PROCEDURE [dba].[sp_ddl_sysadmin]
+                 
+AS 
+/*============================================================================= 
+
+  Explication du traitement realise par la SP
+  -------------------------------------------
+    Cette SP est exécutée toute les jours et check les modifications sur l'ajout ou la création du un login sysadmin. 
+    Les résultats sont envoyés par mail
+        
+  Parametres  
+  ----------  
+   
+  Creation : 17.09.2019 / SPE
+   
+  Modifications : 21.10.2020 / SPE: Exclude dba login from resultset
+                  09.02.2021 / SPE : #TFS62610# - Update all mail configurations to avoid SPAM
+                  17.03.2022 / FLA : Change DBA mail
+                  17.08.2023 / SPE : OCTPDBA-726: Replace mail profile name APSSQL_MAIL_PROFILE into AzureManagedInstance_dbmail_profile to be SQL managed instances compatible
+  
+=============================================================================*/ 
+
+SET NOCOUNT ON;
+
+/*------------------- Declaration des variables --------------------*/
+
+  DECLARE @errno                                    int,
+          @cvCurrentOrganizationalUnit              int,
+          @subsidiary_id                            int,
+          @totAlerts                                int,
+          @totDDL                                   int,
+          @html                                     nvarchar(max),
+          @errmsg                                   varchar(255),
+          @email                                    varchar(255),
+          @subject                                  varchar(255),
+          @out_default_value                        varchar(60),
+          @format                                   varchar(60),
+          @mailImportance                           varchar(6),
+          @ou                                       varchar(3)
+
+  
+
+/*-------------------------- Traitement ---------------------------*/
+BEGIN TRY
+
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+/* \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\ 1 : RETRIEVE FORMAT AND OU CODE /////////////////////////////////////////////////// */
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+    
+	IF EXISTS(SELECT 1 FROM [master].[cfg].[InstanceContext] WHERE Business = 'TPPHAR')
+	BEGIN
+	  /* Get the cvCurrentOrganizationalUnit */
+      EXEC arizona.dbo.sp_bmc_Bmc_Applic_Default 
+           @in_job_type        = 3,
+           @in_param_int_1     = null,
+           @in_param_int_2     = null,
+           @in_param_varchar_1 = 'cvCurrentOrganizationalUnit',
+           @out_default_value  = @out_default_value OUTPUT,
+           @out_param_int_1    = null;
+  
+      SELECT @cvCurrentOrganizationalUnit = convert(int,@out_default_value);
+
+      /* Check if we have a value, if not leave this SP */
+      IF @cvCurrentOrganizationalUnit is null 
+      BEGIN
+        SELECT @errno = 70001,
+               @errmsg = '(APS) Error cvCurrentOrganizationalUnit does not exist!';
+        goto error_99;
+      END
+
+      /* Get the subsidiary id and OU code */
+      SELECT @subsidiary_id = ou.OU_subsidiary, @ou = ou.OU_Code
+        FROM arizona.dbo.Organizational_unit ou  with (nolock)
+       WHERE ou.Organizational_unit_ID = @cvCurrentOrganizationalUnit;
+
+      /* Check if we have a value, if not leave this SP */
+      IF @subsidiary_id is null 
+      BEGIN
+        SELECT @errno = 70001,
+               @errmsg = '(APS) Error subsidiary_id does not exist!';
+        goto error_99;
+      END
+
+      /* Get the current format */
+      SELECT @format = sub.SUB_code
+        FROM arizona.dbo.Subsidiary sub  with (nolock)
+       WHERE sub.Subsidiary_ID = @subsidiary_id;
+  
+      /* Check if we have a value, if not leave this SP */
+      IF @format is null 
+      BEGIN
+        SELECT @errno = 70001,
+               @errmsg = '(APS) Error format does not exist!';
+        goto error_99;
+      END
+
+      /* Change the value into a compatible format */
+      IF @format = 'COOP'
+      BEGIN
+        SET @format = 'CVI'
+      END
+
+      IF @format = 'CENT'
+      BEGIN
+        SET @format = 'SUN'
+      END
+
+      IF @format = '000'
+      BEGIN
+        SET @format = 'AAI'
+      END
+	END
+    ELSE
+	BEGIN
+	  SELECT @format = DnsAlias FROM [master].[cfg].[Identity]
+	  SET @ou = ''
+	END
+
+
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+/* \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    2 : RETRIEVE DDL EVENTS      /////////////////////////////////////////////////// */
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+ 
+  /* Insert into #DDLSysadminLog temp table all DDL events of type LOGIN (SYSADMIN) for the last 24 hours */
+  SELECT DA_App_Name,
+          DA_Host_Name,
+          DA_Event_Xml.value('(./EVENT_INSTANCE/PostTime)[1]','NVARCHAR(MAX)') AS PostTime,
+          DA_Event_Xml.value('(./EVENT_INSTANCE/SPID)[1]','NVARCHAR(MAX)') AS SPID,
+          DA_Event_Xml.value('(./EVENT_INSTANCE/ServerName)[1]','NVARCHAR(MAX)') AS ServerName,
+          DA_Event_Xml.value('(./EVENT_INSTANCE/LoginName)[1]','NVARCHAR(MAX)') AS LoginName,
+          DA_Event_Xml.value('(./EVENT_INSTANCE/ObjectName)[1]','NVARCHAR(MAX)') AS ObjectName
+    INTO #DDLSysadminLog
+    FROM [master].[dba].[DDL_audit]
+   WHERE DA_Event_Xml.value('(./EVENT_INSTANCE/ObjectType)[1]','NVARCHAR(MAX)') = 'LOGIN'
+     AND DA_Event_Xml.value('(./EVENT_INSTANCE/TSQLCommand/CommandText)[1]','NVARCHAR(MAX)') like '%sysadmin%add%'
+     AND DA_Event_Xml.value('(./EVENT_INSTANCE/PostTime)[1]','NVARCHAR(MAX)') > GETDATE()-1
+     AND DA_Event_Xml.value('(./EVENT_INSTANCE/LoginName)[1]','NVARCHAR(MAX)') <> 'dba'
+   ORDER BY DA_Event_Xml.value('(./EVENT_INSTANCE/PostTime)[1]','NVARCHAR(MAX)') DESC
+
+
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+/* \\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\    3 : CREATE AND SEND MAIL     /////////////////////////////////////////////////// */
+/* ------------------------------------------------------------------------------------------------------------------------------------- */
+
+  /* Count total critical alerts and set mail level */
+  SELECT @totDDL = COUNT(*) FROM #DDLSysadminLog AL 
+  SET @mailImportance = 'High'
+ 
+  IF @totDDL > 0
+  BEGIN
+    
+  SELECT @email = DML_Recipients
+    FROM HCITools.dbo.DBA_Mailing_list
+   WHERE DML_Code = 'DBA_operator'
+
+    SET @subject = @format+@ou+': ' + convert(varchar,@totDDL) + ' sysadmin account granted!!! - [' + @@SERVERNAME + ']' 
+    SET @HTML =
+      N'<body>Server: ' + @format+@ou+'<br />List of all sysadmin accounts granted for the last day: <br /><br /><table border="1">' +
+      N'<tr><th>AlertLevel</th><th>Application Name</th><th>Host Name</th><th>Modified date</th><th>SPID</th><th>Server Name</th><th>Login Name</th><th>Object set as SYSADMIN</th></tr>' +
+    CAST(( SELECT 'CRITICAL' AS 'td','',AL.DA_App_Name AS 'td','',
+         DA_Host_Name AS 'td','',
+         PostTime AS 'td','',
+         SPID AS 'td','',
+         ServerName AS 'td','',
+         isnull(LoginName,'') AS 'td','',
+         isnull(ObjectName,'') AS 'td',''
+   FROM #DDLSysadminLog AL
+  FOR XML PATH('tr'), ELEMENTS ) AS NVARCHAR(MAX)) +
+      N'</table></body>' ;
+
+    /* Get default mailbox profile name */
+    DECLARE @defaultprofilname varchar(100)
+    SELECT DISTINCT @defaultprofilname = p.name FROM msdb.dbo.sysmail_profile p JOIN msdb.dbo.sysmail_principalprofile pp ON pp.profile_id = p.profile_id AND pp.is_default = 1
+
+    /* SEND MAIL */
+    EXEC msdb.dbo.sp_send_dbmail     
+          @profile_name = @defaultprofilname,  
+          @recipients = @email,
+          @body = @html,
+          @importance = @mailImportance,
+          @subject = @subject,
+          @body_format = 'HTML';
+  END
+
+  /* Drop temp tables */
+  DROP TABLE #DDLSysadminLog
+
+END TRY
+BEGIN CATCH 
+  SELECT @errno = 70003,
+         @errmsg = 'error on sp_ddl_sysadmin! ' + error_message()
+  goto error_99
+END CATCH; 
+
+/*------------------ Retour au programme appelant -----------------*/
+
+RETURN(@@error);
+
+/*---------------------- Traitement des erreurs ----------------------*/
+error_99:
+  RAISERROR (@errmsg, 16, 1);
+  RETURN(@errno);
+
+
+GO
+
+