I just recently logged onto one of our Test environments to find i did not have permissions, turns out my instance security Login had been disabled
I have a feeling towards whom may have done this but i need to see if i can see this in the logs,
Is it possible to see when and possibly whom altered these permissions in the SQL logs somewhere and if so how
Unfortunately being a test environment the only database on the instance has probably been overwritten a number of times in the meantime.
for clarity i want to know whom disabled the login
Best Answer
If I'm not mistaken the default trace contains property changes to logins which should include an account being disabled. An article that walks though the various information you can get from the default trace.
EDIT
OK, already confirmed not much at all is captured with manipulating logins on an instance. So unless you had something already capturing the information like SQL Server Audit (if on 2008 or higher), there is nothing natively logged by SQL Server to let you know who did it.
If you happen to be logging successful logins to that instance you can determine who was logged in that had the permissions but that is the closest you will likely get.