After finding your SQL instances in Chapter 6, creating an inventory in Chapter 7 and adding them to a Registered Server or Central Management Server in Chapter 8, [you are now ready to deal with] users and logins.
Ensuring that our business users and applications can successfully connect to the databases that they require [is a good way to address issues before they happen. This reduces the time a DBA has to spend in resolving issues after they cause problems.]
In this chapter we are going to show how you can simplify the work that is required to administer instance logins and database users. We are going to do this by following some common DBA stories around logins. By following along with these scenarios, you will learn how to: read the error log to find the issue; create new logins and users; identify and repair orphaned users; sync logins across Availability Group replicas; use source control to control user account changes; export a T-SQL script of your users; and how to identify the way that a user gained access via nested Activity Directory Groups.
In this story, an application owner reports that they cannot connect to the database and the login failure is obscured by the connecting application. While we expect an error like "Could not find a login matching the name provided", the application just returns "Login failed" to the user and the application logs simply show "Can’t connect to the database."