http://www.sqlservercentral.com/blogs/brian_kelley/archive/2009/02/24/detecting-when-a-login-has-implicit-access-to-a-database.aspx
SELECT sp1.[name] [Login], 'sysadmin role' [Method]
FROM sys.server_principals sp1
JOIN sys.server_role_members srm
ON sp1.principal_id = srm.member_principal_id
JOIN sys.server_principals sp2
ON srm.role_principal_id = sp2.principal_id
WHERE sp2.NAME = 'sysadmin'
UNION ALL
SELECT sp3.[name], 'CONTROL SERVER'
FROM sys.server_principals sp3
JOIN sys.server_permissions perm
ON sp3.principal_id = perm.grantee_principal_id
WHERE perm.class = 100
AND perm.[type] = 'CL'
AND state = 'G'
ORDER BY [Login], [Method];
Blogged with the Flock Browser
