I read this article: https://msdn.microsoft.com/en-us/library/azure/ee336235.aspx
I don't know how to connect to the master database. I don't see it anywhere on the portals.
I want to be able to manage which credentials have access to which db and at which level. Preferably using a GUI.
There are a couple of ways to manage credentials in Azure SQL DB.
The simplest is to use the GUI in the NEW azure portal (https://portal.azure.com/) -- open the SQL Database server of interest and manage access using the "Roles" and "Users" options in the "Access" group at the bottom of your Server pane.
You can also connect to the Server using Visual Studio (SQL Server Data Tools add-in). Open Visual Studio and under VIEW, select SQL Server Object Explorer. You can add the Azure DB server to that tree, you will have an option of connecting to the "Master" database (under System Databases) and running SQL commands to create users, or graphically add new users under Master > Security > Users. Once the user is created, logins can be created and then individual database permissions added.
Related
In Plesk v12.5.30, I have created a new SQL Server database named ngo_database and a new database user called ngo_databaseuser.
I can connect to this new database via Navicat for SQL Server v12.1.20 (after providing host “xxx” + user name “ngo_databaseuser” + password + initial database “ngo_database”), And I am able to access “ngo_database” database and create new tables and queries.
But when I try to connect via SSMS 2014 (after providing server name “xxx” + login “ngo_databaseuser” + password + connect to database “ngo_database”), I am not able to access “ngo_database” database and the only databases available are master + tempdb. And I am not able to import nor create a new user database.
BTW, I have checked with the hosting company and the “Grant the ALTER DATABASE permission to all Microsoft SQL Server database users” is checked.
What I am doing wrong and why I can’t access the database via SSMS?
Not being a see a database in the object explorer of SSMS does not equate to not being able to access it. When you can only see the databases master and tempdb this very likely means that either you have had a DENY permission for VIEW ANY DATABASE added to your login, or a Server Role it belongs to, or VIEW ANY DATABASE has been revoked from the public role and you haven't been granted it.
SSMS builds the list in the object explorer by using the sys objects, and without VIEW ANY DATABASE, it can't see the databases you have access to to retrieve the relevant objects from it.
You can check if you have access to the database by using USE {Your Database} or trying to query a table (such as SELECT * FROM {Your Database}.sys.objects;).
If you need the VIEW ANY DATABASE permission, you need to speak to your DBA.
I am facing problem regarding database permissions. I have created my database named FCProject. I created a login for that database in SQL Server Management Studio. My login is working fine but all I want to restrict access to FCProject database through users who can log in to SQL Server through Windows authentication mode.
Because I want only FC login to be able to view or modify data of FC database in SQL Server Management Studio.
I have tried creating a login through Management Studio. Is there any problem in creating login? Or something else? Please help
You are mixing up two things that should be kept separate here:
A login is on the server level - it gives an account (a Windows account, or a SQL Server specific account) the permission to connect to this server
Each database can then define user for its own use - based on those logins.
So in your case, what you need to do is to:
create a number of logins on the server-level
create users in your FCLogin database for just those logins
and then you're fine - only those accounts that you've defined explicitly can access your FCLogin database and use it.
See the Stairway to SQL Server security series of articles on SQL Server Central (very well worth registering for their contents!) which explains all the ins and outs in great detail
I'd like to browse data via excel and the data source is Analysis services database. After I grant my account to Roles->Membership in AS database in SQL Server, I can connect to the AS database and browse data from excel. But when I remove my account from the 'Membership' list, I can also connect to the AS database and browse data that makes me very confused. So I guess if there's cache in AS database or I should do other actions to make the configuration into effect?
If you are able to modify the SSAS roles you are probably in the admin list of the SSAS server. Here is a screenshot from Microsoft on how to edit the server admin list:
http://msdn.microsoft.com/en-us/library/ms174561.aspx
You can test the SSAS role functionality via MS SQL Server Management Studio by browsing the cube and changing the security context: http://easyroles.com/2014/02/testing-role-functionality/. This will allow you to have the 'look and feel' of the cube as if you were a user with limited access.
You should reconnect to the cube every time you change role definition to avoid weird caching issues.
I am trying to create a login system on an asp.net website which allows a user to register and log in the website. I require the registered user details to be stored on a database which I already have on Azure.
I have so far created the login system as shown here: http://msdn.microsoft.com/en-us/library/windowsazure/hh508981.aspx and the form works. However, when I log in to the azure management portal I cannot find the user's registered details. I also need to add more fields to the registration form in the database.
Does anyone know where I can view the registered users and how I can add more fields?
If you follow the same link you used to create your application you will see the schema that is used by SQL Azure to store this information as below:
Now if you want to access this database directly, what you really need is SQL Server Management Studio (SSMS) to connect with this Database and access it from your local machine. Follow this link below to download and configure SQL Azure studio locally so you can connect to SQL database and the modify the schema or look the records etc. Once you have SSMS connected with SQL Database, you can manage it like any other on-premise database.
Managing Windows Azure SQL Database using SQL Server Management Studio
I have a SQL Server 2008, which is part of a domain. Now I make a backup of a database of this server and restore it on a SQL Server, which is not part of a domain.
I have an C# application, which uses this database. On the NON-Domain machine I get now exceptions like this:
"Cannot execute as the database prinzipal because the principial "dbo" does not exist, this type of principal cannot be impersonatedm or you don not have the permission"
I think, the problem is, that the database owner is a domain user and this user doesn't exist on the target machine (backup machine)!? How can I solve this ?
The MS SQL server follows a 2 layer user system.
You must make sure that your login is an actual login on the SQL Server (this refers to the SQL Server itself NOT to the actual database).
You find the SQL Server users in the Management Studio under:
Server root -> Security - Logins
After you ensured that your login is available you have to map it to a user/schema. In Order todo so you must:
Select the SQL Server user you want to map
Right click on the user
Select properties
Switch to the User Mapping tab
Choose the database you want to create a mapping for
Select the Database user you want to associate the currently selected SQL Server user with
Done