# Permissions dropped via CLI that aren't flagged as differences

Posts: 4 New member
edited October 26, 2021 2:14PM
I am comparing between a sqlproj and a remote database using the following command line switches.

& "C:\Program Files (x86)\Red Gate\SQL Compare 14\sqlcompare.exe" 
"/Scripts1:'path\to\sqlproj'"
"/Database2:'dbname'" 
"/Server2:'servername'"
"/UserName2:'username'" 
"/exclude:Additional" 
"/include:StoredProcedure" "/include:Function" "/include:View" "/include:Identical"
"/report:Report.html" "/ReportType:html" 
"/synchronize"
"/ScriptFile:Deploy.sql" `
"/verbose"

My goal is to only deploy changes to stored procedures, views, and functions that already exist in both the source and destination or are new in the source. The synchronize operation should not drop anything. My understanding is that /exclude:Additional handles that for me.

However since activating this last week, I've seen almost 50 permissions being dropped randomly. Sometimes when the command runs nothing is dropped, sometimes 5-10 permissions get revoked. The permissions being revoked are scripted as follows:

REVOKE VIEW CHANGE TRACKING ON  [schema].[table] TO [user]

When I inspect the report these permissions are not shown as differences. I am using SQL Compare V14.5.22.19589

Is this intended behavior based on the switches I have selected? Do I need to use an exhaustive set of excludes? Why is the behavior of the drops erratic?

At one point even some sequences were altered using the above switches. How does that happen?

Tagged:

• Posts: 4 New member
I think one issue is that the options weren't being set correctly. According to the documentation the tool should detect that I'm running against an SSDT project and ignore permissions. That wasn't the case. Since I've set those options myself, I'm not seeing permissions being dropped anymore.

However sequences are still getting altered even after adding "/exclude:Sequence"
• Posts: 4 New member
Looks to be related to the Default option set including dependencies. I've removed that so we'll see how things go now.
• Posts: 4 New member
To summarize what I think happened:
• Permissions were dropped because there were some that existed in the target but not the source. It's confusing that /exclude:Additional didn't prevent this.
• Sequences were altered because objects were deployed that had sequences that were dependencies. Again it's confusing (and I think undocumented) that IncludeDependencies overrides /excludes.
• Posts: 320 Silver 1

Thanks for your updates on this, it appears you have come to a conclusion on this. I will pass back your comment around the undocumented behavior of IncludeDependencies overriding /excludes to our development team.

Kind regards

Dan Jary | Redgate Software
Have you visited our Help Center?