IMPORTANT: This alert will email you when it detects a change in high level role membership. This means that it will email you when ME is installed for the first time, because all of the role memberships are "new" then!
Note that there are several events that can cause the alert to generate an email:
- A login gains or loses membership in a high level role.
- A login is added, and gains membership in a high level role.
- A login with high level roles is dropped. Of course, it is no longer a member of those roles!
- A new server is added and marked active. In this case, all of the login role memberships are "new", as far as ME is concerned.
- An inactive server is marked active. Again, all the collected login role memberships will appear new.
- An active server is marked inactive. In this case, from ME's point of view, a bunch of logins no longer exist, and neither do their memberships.
The Alert Email
The alert email itself provides the type of alert, the Service Level to which it applies (e.g., Gold), and a count of alerts in the email, plus information for each individual alert item:- InstanceID
- ServerName
- LoginName
- AcctName
- LoginType
- AdminRole
- Status (i.e., New or Retired)
How it Works
Minion Enterprise collects login, role, and Active Directory data at regular intervals. Additionally, ME keeps a "master list" of logins and roles in the table dbo.AdminRoleLoginList.IMPORTANT: dbo.AdminRoleLoginList is an interior work table. Do not modify the data in this table!
Each time an "AlertAdminRoleLoginNewRetired" job fires - for example, when AlertAdminRoleLoginNewRetired-GOLD fires - it checks the master list in dbo.AdminRoleLoginList against the most recent login and role collections for all Gold servers. If there are any differences, it fires off an email.