Verify Database Access with PowerShell

Even though there is no SQL Client tooling installed on a machine, PowerShell can be used to execute SQL. I recently had to verify that I had been granted Dbo rights on a database that was on a server only reachable from a web server. The web server of course had no SQL tooling whatsoever installed. To do that I created a small Powershell script that only relies on the .NET Framework.

The typical recommendation for executing SQL commands from powershell is to use the Invoke-Sqlcmd cmdlet. I’m sure its a good tool, but unfortunately it isn’t installed by default. Sometimes installing extra software is not an option, so instead I’ve used PowerShell’s built in capability to create and use .NET objects. The Sql client objects are included in the default .NET framework installation, so this should work on any Windows machine.

The script accepts a connection string and tries to connect to that database, read the schemas and finally create a table. The last step is done within a transaction that is rolled back, to ensure that no change is done to the database.

param (
	[Parameter(Mandatory=$true)]
	[string]$connectionString
)
 
$ErrorActionPreference = "Stop"
 
Write-Host -NoNewline -ForegroundColor Gray "Trying to open connection to the database... " 
 
$connection = New-Object -TypeName System.Data.SqlClient.SqlConnection -ArgumentList $connectionString
 
$connection.Open();
 
Write-Host -ForegroundColor Green "Success!"
Write-Host -NoNewline -ForegroundColor Gray "Trying to query list of schemas... "
 
$command = $connection.CreateCommand();
$command.CommandText="IF EXISTS (SELECT 1 FROM sys.schemas) SELECT 1 ELSE SELECT 0"
$result = $command.ExecuteScalar()
 
if($result -eq "0")
{
	throw "Can't read from database."
}
 
Write-Host -ForegroundColor Green "Success!"
Write-Host -NoNewline -ForegroundColor Gray "Trying to start a database transction... "
 
$transaction = $connection.BeginTransaction();
$command.Transaction = $transaction;
 
Write-Host -ForegroundColor Green "Success!"
Write-Host -NoNewline -ForegroundColor Gray "Trying to create a table... "
 
$command.CommandText="CREATE TABLE Dummy(id int identity(1,1))"
$result = $command.ExecuteNonQuery();
 
Write-Host -ForegroundColor Green "Success!"
Write-Host -NoNewline -ForegroundColor Gray "Rolling back transaction (effectively removing the table)... "
 
$transaction.Rollback();
 
Write-Host -ForegroundColor Green "Success!"
Write-Host
Write-Host "You have sufficient rights to create a table in the target database. This"
Write-Host "typically means that you are a member of the dbo role."

The output should be self explanatory

C:\Users\andabe\Desktop> .\CheckDboPermission.ps1 "Data Source=.;Initial Catalog=Empty;Integrated Security=True"
Trying to open connection to the database... Success!
Trying to query list of schemas... Success!
Trying to start a database transction... Success!
Trying to create a table... Success!
Rolling back transaction (effectively removing the table)... Success!
 
You have sufficient rights to create a table in the target database. This
typically means that you are a member of the dbo role.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.