User management in DataGrip for MS SQL Server

Completed

The typical way we create logins in SQL Server Management Studio (SSMS) is to add a "New Login" on the server with Windows Authentication, which gives a query like:

USE [master]
CREATE LOGIN [DOMAIN\User.Name] FROM WINDOWS WITH DEFAULT_DATABASE=[master]

And then right-click the login, select properties and under "User Mapping" check the databases and roles that user should have access to, resulting in a query like:

USE [DatabaseOne]
CREATE USER [DOMAIN\User.Name] FOR LOGIN [DOMAIN\User.Name]
ALTER ROLE [db_datareader] ADD MEMBER [DOMAIN\User.Name]

USE [DatabaseTwo]
CREATE USER [DOMAIN\User.Name] FOR LOGIN [DOMAIN\User.Name]
ALTER ROLE [db_datareader] ADD MEMBER [DOMAIN\User.Name]
ALTER ROLE [db_datawriter] ADD MEMBER [DOMAIN\User.Name]
ALTER ROLE [db_ddladmin] ADD MEMBER [DOMAIN\User.Name]

In DataGrip under "Server Objects\Server Principals", I can create a new WINDOWS_LOGIN server principal which gives a similar query to the first one (but without the DEFAULT_DATABASE unless we manually specify it), however I can't figure out how to do the equivalent of the user mapping.

If I right-click on the login in DataGrip and select "Modify Login...", there is very little to modify there. If I go to the target database and click "New \ Database Principal..." or "New \ Server Principal...", none of the types give the CREATE USER FOR LOGIN script.

Am I looking in the wrong place, or is this something DataGrip doesn't currently support? It's inconvenient to have to use SSMS each time we need to modify SQL Server permissions, but the DataGrip UI for SQL Server permissions is very confusing.

Thanks.

0
2 comments

At the moment there is no way to make it via UI. You need to type queries manually.

0

Please sign in to leave a comment.