Quick post on how to add a database role to all your databases and grant EXEC to said role. This will also add the specified user to said role (aptly named db_exec). Use with caution, minimally tested.
[System.Reflection.Assembly]::LoadWithPartialName('Microsoft.SqlServer.SMO') | out-null
$servers = @('ServerName')
$roleName = 'db_exec'
$LoginName = 'LoginName';
try{
foreach($server in $servers){
$srv = New-Object ('Microsoft.SqlServer.Management.Smo.Server') $server
if (-not $srv.Logins.Contains($LoginName)){
throw "Login $LoginName does not exist on server $server"
return;
}
$login = $srv.Logins[$LoginName]
foreach($database in $srv.Databases | where{-not $_.IsSystemobject -and $ignoreDBs -notcontains $_.Name -and $_.Status -eq [Microsoft.SqlServer.Management.Smo.DatabaseStatus]::Normal}){
if(-not $database.Users.Contains($login.Name)){
$user = New-Object('Microsoft.SqlServer.Management.Smo.User') $database, $login.Name
$user.Login = $login.Name
$user.create();
}
$user = $database.Users[$LoginName]
if(-not $database.Roles.Contains($roleName)){
$role = New-Object('Microsoft.SqlServer.Management.smo.DatabaseRole') $database, $roleName
$role.Create();
}
$role = $database.Roles[$roleName]
$role.AddMember($user.Name);
$objDbPerms = New-Object Microsoft.SqlServer.Management.Smo.DatabasePermissionSet
$objDbPerms.Execute = $true
$database.Grant($objDbPerms, $roleName);
$database.Alter();
}
}
}
catch{
$_ | fl -Force
}
Sql Server Powershell 
Leave a comment