Information
A database user whose corresponding SQL Server login is undefined, or is incorrectly defined, on a server instance cannot log in to the instance. Such a user is referred to as orphaned and should be removed.
Rationale:
Orphaned users should be removed to avoid any potential misuse of these broken users.
NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.
Solution
If the orphaned user cannot or should not be matched to an existing or new login using the Microsoft documented process referenced below, run the following T-SQL query in the appropriate database to remove an orphan user:
USE [<database_name>];
GO
DROP USER <username>;
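Because this check is manual, the orphaned users have to be found before anything is dropped. The T-SQL below is an added example, not part of the benchmark text. It reuses the page's <database_name> and <username> placeholders and assumes only the standard catalog views and the sp_change_users_login procedure.

```sql
-- Added example: find candidate orphaned users in one database, then check
-- what would block DROP USER. Run once per user database.
USE [<database_name>];
GO

-- SQL-authenticated users (type 'S') whose SID matches no login on this instance.
-- Users deliberately created WITHOUT LOGIN also appear here; review each row
-- and exclude those before treating a user as orphaned.
SELECT dp.name                AS candidate_orphan,
       dp.sid                 AS user_sid,
       dp.create_date,
       dp.modify_date,
       dp.default_schema_name
FROM sys.database_principals AS dp
LEFT JOIN sys.server_principals AS sp
       ON dp.sid = sp.sid
WHERE dp.type = 'S'            -- SQL user (not Windows user, role or certificate)
  AND dp.principal_id > 4      -- skip dbo, guest, INFORMATION_SCHEMA, sys
  AND dp.sid IS NOT NULL
  AND sp.sid IS NULL           -- no login with the same SID
ORDER BY dp.name;
GO

-- The same report from the built-in procedure (deprecated in later versions).
EXEC sp_change_users_login @Action = 'Report';
GO

-- DROP USER fails while the user still owns a schema. List owned schemas so
-- ownership can be transferred (ALTER AUTHORIZATION) before the drop.
SELECT s.name AS owned_schema
FROM sys.schemas AS s
JOIN sys.database_principals AS dp
     ON s.principal_id = dp.principal_id
WHERE dp.name = N'<username>';
GO

-- Record the user's role memberships for the change log before removal.
SELECT r.name AS role_name
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS r ON rm.role_principal_id   = r.principal_id
JOIN sys.database_principals AS u ON rm.member_principal_id = u.principal_id
WHERE u.name = N'<username>';
GO
```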
References:
http://msdn.microsoft.com/en-us/library/ms175475(v=sql.100).aspx
http://msdn.microsoft.com/en-us/library/ms175475(v=sql.105).aspx