Requested Feature: Nested Impersonation #31
Comments
|
You are correct, nested impersonation is possible in SQL Server. Both at the SQL Server login and database user levels. We have done it manually a few times, but haven't taken the time to automate it yet. I'll put it in our follow up list, and see if we can get it addressed before EOY. I think we'd like to add the feature as a "-Recursive" or "-Nested" flag in the existing "Invoke-SQLAuditPrivImpersonateLogin" and "Invoke-SQLAuditPrivImpersonateLogin" functions. |
|
Thanks for adding the feature request for me. I'll keep working on it and submit a pull request once I get a functioning version. |
|
No worries, thanks for reaching out. It should be a fun feature. I’m curious to see what trends it may uncover once we find an opportunity to run it on scale. Cool stuff! |
Would it be possible to implement nested impersonation capabilities in the scenario in which you cannot go straight to sysadmin? If not, am I missing an understanding as to why it is not possible?
The text was updated successfully, but these errors were encountered: