An Active Directory user account, called Domain1\UserA, is a member of an Active Directory Group, called Domain1\GroupA.
Domain1\GroupA has a login on SQL server SQL1.
Domain1\GroupA is a user in UserDB1 on SQL1.
Domain1\GroupA is a member of the db_datareader fixed db role in UserDB1.
Domain1\UserA performs a "select top 10 * from Table1" in UserDB1.
Now suppose I, as an administrator, would like to view Domain1\UserA's access path to executing that sql statement. I want to see how his account via AD group membership and SQL fixed db role membership was able to run that select statement. Is there a tool, method, whatever that is able to capture and display that information?