How do I create a new user in a SQL Azure database?

Question

I am trying to use the following template:

-- =================================================
-- Create User as DBO template for SQL Azure Database
-- ====         


        

Answer 1

I think the templates use the following notation: variable name, variable type, default value.

Sysname is a built-in data type which can hold the names of system objects.

It is limited to 128 Unicode character.

-- same as sysname type
declare @my_sysname nvarchar(128);

Answer 2

You can simply create a contained user in SQL DB V12.

Create user containeduser with password = 'Password'

Contained user login is more efficient than login to the database using the login created by master. You can find more details @ http://www.sqlindepth.com/contained-users-in-sql-azure-db-v12/

Answer 3

1 Create login while connecting to the master db (in your databaseclient open a connection to the master db)

CREATE LOGIN 'testUserLogin' WITH password='1231!#ASDF!a';

2 Create a user while connecting to your db (in your db client open a connection to your database)

CREATE USER testUserLoginFROM LOGIN testUserLogin; Please, note, user name is the same as login. It did not work for me when I had a different username and login.

3 Add required permissions

EXEC sp_addrolemember db_datawriter, 'testUser'; You may want to add 'db_datareader' as well.

list of the roles:

https://docs.microsoft.com/en-us/sql/relational-databases/security/authentication-access/database-level-roles?view=sql-server-ver15

I was inspired by @nthpixel answer, but it did not work for my db client DBeaver. It did not allow me to run USE [master] and use [my-db] statements.

https://azure.microsoft.com/en-us/blog/adding-users-to-your-sql-azure-database/

How to test your user?

Run the query bellow in the master database connection.

SELECT A.name as userName, B.name as login, B.Type_desc, default_database_name, B.*
FROM sys.sysusers A
    FULL OUTER JOIN sys.sql_logins B
       ON A.sid = B.sid
WHERE islogin = 1 and A.sid is not null

List of all users in Azure SQL

Answer 4

I use the Azure Management console tool of CodePlex, with a very useful GUI, try it. You can save type some code.

Answer 5

create a user and then add user to a specific role:

CREATE USER [test] WITH PASSWORD=N'<strong password>'
go
ALTER ROLE [db_datareader] ADD MEMBER [test]
go

Answer 6

Edit - Contained User (v12 and later)

As of Sql Azure 12, databases will be created as Contained Databases which will allow users to be created directly in your database, without the need for a server login via master.

CREATE USER [MyUser] WITH PASSWORD = 'Secret';
ALTER ROLE [db_datareader] ADD MEMBER [MyUser];

Note when connecting to the database when using a contained user that you must always specify the database in the connection string.

Traditional Server Login - Database User (Pre v 12)

Just to add to @Igorek's answer, you can do the following in Sql Server Management Studio:

Create the new Login on the server
In master (via the Available databases drop down in SSMS - this is because USE master doesn't work in Azure):

create the login:

CREATE LOGIN username WITH password='password';

Create the new User in the database
Switch to the actual database (again via the available databases drop down, or a new connection)

CREATE USER username FROM LOGIN username;

(I've assumed that you want the user and logins to tie up as username, but change if this isn't the case.)

Now add the user to the relevant security roles

EXEC sp_addrolemember N'db_owner', N'username'
GO

(Obviously an app user should have less privileges than dbo.)