How to set up SQL Server Principal on Azure SQL database - sql-server

I am trying to set up a connection string for an MVC website that uses an Azure website, and I am having trouble getting it to connect.
I can connect via SSMS using the SA account. But I would like to create a SQL Server principal that has data-reader, and data-writer privileges.
I have set up a SQL Server principal on Azure according to this.
However, when I try to log in with it using SSMS, I get the following message:
Unable to connect to default database 'Master' Login Failed.
This is the script:
CREATE LOGIN Test WITH PASSWORD='...'
use AskProd
go
Create user Test from login Test
go
exec sp_addrolemember 'db_datareader', 'Test'
exec sp_addrolemember 'db_datawriter', 'Test'

With Azure SQL your default database is Master and you can't change it. That is why it worked from the connection string where you specify a database but not from SSMS.
You can specify the database you want to connect to in the SSMS Server connection screen if you click on options.
Or if you want this new user to be able to connect to Master create a user for it in Master along with the login.

Related

Azure SQL is not letting me create a SQL User

I have a Database server created in Azure [not a managed instance] and a Server Admin user was created, many SQL users were added and they were able to login without any issues. Now all of a sudden, SQL users I newly create can't login. It's giving Login failed message with Error# 18456
Here are the SQL commands I am using to create the user [after logging in as Server Admin]:
CREATE LOGIN reportslogin WITH password='' - this in "master" database
CREATE USER reportsuser from LOGIN reportslogin - this is in MyDatabase
ALTER ROLE db_datareader ADD MEMBER reportsuser - this again is in MyDatabase
Now I disconnect the server and when I try reconnecting to the server using the reportsuser, I get this:
What am I doing wrong?
Actually, the error is caused by you database login name.
You should using the Login reportslogin to login the database, not the username reportsuser !
We must using the login name to access the Azure SQL database, not the username.
A login is a simple credential for accessing SQL Server. For example,
SQL Login is for Authentication and SQL Server User is for Authorization. Authentication can decide if we have permissions to access the server or not and Authorization decides what are different operations we can do in a database. Login are created at the SQL Server instance level and User is created at SQL Server database level.
Please reference:
Login and SQL User
Difference between a User and a Login in SQL Server
Suggestions:
create the login and user with the same name:
USE master
CREATE LOGIN reportslogin WITH password='Xunmi110'
USE user_database
CREATE USER reportsuser FOR LOGIN reportslogin
ALTER ROLE db_datareader ADD MEMBER reportsuser
One login for one user.
Hope this helps.

How to create new SQL Server login and assign permission to access database to it?

I need to create an vb.net console application which will access our existing SQL Server database, but the problem is that the provider didn't give us login name and password to access the database.
So is there any way by which can I create a new login with password and assign them full permission or read permission to access the database ? I have full access to the system on which the SQL Server 2008 R2 is installed.
There are a few assumptions made to this:
1) The SQL Server is set up to allow mixed authentication
2) The SQL Server is allowed to use TCP/IP or Named Pipes for logins
3) The account you say has "full access" to the system ALSO has sysadmin (aka full access) on the SQL server instance or at least permissions to do user maintenance.
Assuming all those then login to the SQL server and run something like below
CREATE LOGIN [app_usr] WITH PASSWORD=N'password', DEFAULT_DATABASE=[databaseName], DEFAULT_LANGUAGE=[us_english], CHECK_EXPIRATION=OFF, CHECK_POLICY=OFF
GO
USE [databaseName]
GO
CREATE USER [app_usr] FOR LOGIN [app_usr]
GO
/**** You can choose to only run the following statements that you want***/
-- The following gives the user the ability to read all tables in the db
USE [master]
GO
EXEC sp_addrolemember N'db_datareader', N'app_usr'
GO
-- The following gives the user the ability to write to all tables in the db
USE [master]
GO
EXEC sp_addrolemember N'db_datawriter', N'app_usr'
GO
-- The following gives the user the ability to do anything in the db
USE [master]
GO
EXEC sp_addrolemember N'db_owner', N'app_usr'
GO
Additional default roles and a better description can be found here or make your own or whatever - at this point the user is created and you should be able to access it through your application
I have full access to the system on which the SQL Server 2008 R2 is
installed.
If you are local Windows admin, you can restart SQL Server in single user mode and you'll be sysadmin at that moment:
Start SQL Server in Single-User Mode
There is another solution for SQL Server 2008 R2.
As previuosly said, you should be Windows admin on this pc.
You can access SQL Server under LocalSystem account using this program: PsExec v2.2
Just run ir with -s i.e. Run the remote process in the System account.
This way you can connect to SQL Server without restarting it at all.

Server principal already exists but doesn't show in SSMS

I have created Logins in Azure SQL via SSMS on two other environments, but on the third Azure SQL Server, the same exact SQL command creates logins but they don't show in SSMS. I am using these Logins to then users for databases. As I have stated it has worked on every other Azure SQL Server.
However, when I create my Logins, they don't show up under Security > Logins and if I try to create user for the db, I get the following error:
'myuser' is not a valid login or you do not have permission.
Here is my SQL to create the Login:
CREATE LOGIN myuser WITH PASSWORD = 'p#ssword';
Here is my SQL I run on a selected database to add the above created user with execute rights:
CREATE USER [myuser] FROM LOGIN [myuser];
GRANT EXECUTE TO [myuser]
To be clear, the Login (first SQL) said that it is created, but it doesn't show in SSMS and doesn't allow me to create Users in the DBs

Sql azure blank database username and password missing

I created a sql azure DB. I had 3 options as source:
blank database
sample
backup
I selected blank. No username and password was asked. in the connection string there is a place holder for username and password. What should I give here?
And more over I am not able to connect to this DB from VS studio(asking username and password).
Edited Later: Actually I get to give user name and password when I create a server and not a DB. what I did above was creating a new db on an existing server and hence no username was asked.
You will need to use the credentials that you set up when configuring the hosting SQL Azure Server. If you want to use another account just for that database (recommended), you will need to login to the SQL Azure Server using the original credentials and follow this post:
SCRIPT :
connect to Master and run below query:
CREATE LOGIN blog WITH password='xxxxxxx'
GO
CREATE USER [blog] FOR LOGIN [blog] WITH DEFAULT_SCHEMA=[dbo]
GO
Then Connect to Database of your choice and run below:
CREATE USER [blog] FOR LOGIN [blog] WITH DEFAULT_SCHEMA=[dbo]
GO
EXEC sp_addrolemember 'db_owner', 'blog';
GO
please see the below link for more details
http://kitsula.com/Article/How-to-create-custom-user-login-for-Azure-SQL-Database

Can't connect to SQL Server Express database

I'm new to SQL Server Express, I'm running on a vagrant on SQL Server 2012 Express.
I configured user and password and I'm able to connect to the server, but when I add the name of the database I want to connect to it prompts with invalid user/password combination.
I created the database:
CREATE DATABASE db_user1
GO
And I have created the user using:
CREATE LOGIN [user1] WITH PASSWORD='user1'
GO
CREATE USER [user1] FOR LOGIN [user1] WITH DEFAULT_SCHEMA=[dbo]
GO
With no errors.
I had to add the new user to the sysadmin group.

Resources