Follow sqlserver-dba.com

Subscribe to RSS feed  Follow @jackvamvas - Twitter

*Use the Comments section for questions

SQLServer-DBA.com Links

Dba_db2_button

dba-ninja.com

SQL Server DBA Jobs

Difference between ORIGINAL_LOGIN() and CURRENT_USER

02 January,2019 by Tom Collins

ORIGINAL_LOGIN()  and CURRENT_USER are useful functions in  SQL Server , used to report on identities within SQL Server sessions.

The purpose of the ORIGINAl_LOGIN() is to return the value of the login which made the original connection to SQL Server.

CURRENT_USER - Returns the name of the current user. This function is equivalent to SELECT USER_NAME().  

The definitions  sound similar but there are some differences.    When using CURRENT_USER , the value will change according to different impersonations used.

In this example , we are using the EXECUTE AS functionality - which allows a login to execute code as another login - as long as the right permissions are in place. If you run this code , assuming you have a login called "jvtest" - , you'll see the 2nd instance current user , changes to the value of the EXECUTE AS , in other words , an impersonation is in progress.

You may find that in all the cases of select CURRENT_USER you may see "dbo". To read more about this situation read select current_user shows dbo

But the ORIGINAL_LOGIN() within the EXECUTE AS functionality - will return the login used to originally connect to SQL Server.

--1st current_user

select current_user
EXECUTE AS login = 'jvtest'

--2nd current user

select current_user
select original_login()

REVERT

--3rd current user
select current_user

 

The ORIGINAL_LOGIN() is useful when troubleshooting issues when impersonation is adopted , and is also a useful value to record in SQL Server security audits.

 

 


Author: Tom Collins (http://www.sqlserver-dba.com)


Share:

Verify your Comment

Previewing your Comment

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment on Difference between ORIGINAL_LOGIN() and CURRENT_USER


sqlserver-dba.com | SQL Server Performance Tuning | SQL Server DBA:Everything | FAQ | Contact|Copyright & Disclaimer