Azure SQL 不允许登录已创建的客户端
Azure SQL Does not allow login for Created Clients
我按照推荐的步骤使用 Azure Data Studio 数据库中的免费帐户为 Azure SQL 创建了多个用户:
- 将客户端 IP 地址添加到防火墙
- 在主数据库上创建登录
- 创建用户
- 添加至少包含 db_accessadmin
的适当角色
尽管如此,我尝试使用 Azure Data Studio 和 SSMS 登录仍然失败,除非我使用在设置时创建的管理员帐户。唯一的错误信息是:
Login Failed
我正在尝试从我的 IP 地址连接,甚至将我的 IP 地址添加到数据库防火墙。我错过了什么吗?
编辑
master 上创建用户[用户名和密码已更改]的命令运行:
CREATE LOGIN userlogin WITH PASSWORD='my_password';
数据库上的命令运行:
CREATE USER myuser FROM LOGIN userlogin;
ALTER ROLE db_datawriter ADD MEMBER myuser;
ALTER ROLE db_datareader ADD MEMBER myuser;
ALTER ROLE db_accessadmin ADD MEMBER myuser;
尝试访问数据库时来自 Azure Data 的详细信息:
Microsoft.Data.SqlClient.SqlException (0x80131904): Login failed for user 'myuser'.
at Microsoft.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool, SqlAuthenticationProviderManager sqlAuthProviderManager)
at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
at Microsoft.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
at Microsoft.Data.ProviderBase.DbConnectionFactory.<>c__DisplayClass40_0.<TryGetConnection>b__1(Task`1 _)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location where exception was thrown ---
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.SqlTools.ServiceLayer.Connection.ReliableConnection.ReliableSqlConnection.<>c__DisplayClass30_0.<<OpenAsync>b__0>d.MoveNext() in D:\a\s\src\Microsoft.SqlTools.ManagedBatchParser\ReliableConnection\ReliableSqlConnection.cs:line 314
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.SqlTools.ServiceLayer.Connection.ConnectionService.TryOpenConnection(ConnectionInfo connectionInfo, ConnectParams connectionParams) in D:\a\s\src\Microsoft.SqlTools.ServiceLayer\Connection\ConnectionService.cs:line 549
ClientConnectionId:0682c1d3-d252-4379-b0b2-c00364e90356
Error Number:18456,State:1,Class:14
编辑 2
好吧,经过一番摸索,我找到了 SSMS。它使用相同的命令就像一个魅力。不确定,但默认命令在角色和角色用户之前有一个 N。它还将 FROM LOGIN 切换为 FOR LOGIN 不过我刚刚使用 Azure Data Studio 一段时间。
问题是您不小心使用了 FOR 而不是 From。我见过的大多数文档都表明这无关紧要。我唯一能想到的是,如果你有备注部分
[https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15#remarks]
示例中明确使用了from,那么还有其他引用来自外部提供者。我想知道是否有什么东西可能是 AD 想要的发件人。
可能只是矩阵中的一个小问题。
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15
很高兴你成功了,而且我能够提供帮助。
我按照推荐的步骤使用 Azure Data Studio 数据库中的免费帐户为 Azure SQL 创建了多个用户:
- 将客户端 IP 地址添加到防火墙
- 在主数据库上创建登录
- 创建用户
- 添加至少包含 db_accessadmin 的适当角色
尽管如此,我尝试使用 Azure Data Studio 和 SSMS 登录仍然失败,除非我使用在设置时创建的管理员帐户。唯一的错误信息是:
Login Failed
我正在尝试从我的 IP 地址连接,甚至将我的 IP 地址添加到数据库防火墙。我错过了什么吗?
编辑
master 上创建用户[用户名和密码已更改]的命令运行:
CREATE LOGIN userlogin WITH PASSWORD='my_password';
数据库上的命令运行:
CREATE USER myuser FROM LOGIN userlogin;
ALTER ROLE db_datawriter ADD MEMBER myuser;
ALTER ROLE db_datareader ADD MEMBER myuser;
ALTER ROLE db_accessadmin ADD MEMBER myuser;
尝试访问数据库时来自 Azure Data 的详细信息:
Microsoft.Data.SqlClient.SqlException (0x80131904): Login failed for user 'myuser'.
at Microsoft.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool, SqlAuthenticationProviderManager sqlAuthProviderManager)
at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
at Microsoft.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
at Microsoft.Data.ProviderBase.DbConnectionFactory.<>c__DisplayClass40_0.<TryGetConnection>b__1(Task`1 _)
at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location where exception was thrown ---
at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.SqlTools.ServiceLayer.Connection.ReliableConnection.ReliableSqlConnection.<>c__DisplayClass30_0.<<OpenAsync>b__0>d.MoveNext() in D:\a\s\src\Microsoft.SqlTools.ManagedBatchParser\ReliableConnection\ReliableSqlConnection.cs:line 314
--- End of stack trace from previous location where exception was thrown ---
at Microsoft.SqlTools.ServiceLayer.Connection.ConnectionService.TryOpenConnection(ConnectionInfo connectionInfo, ConnectParams connectionParams) in D:\a\s\src\Microsoft.SqlTools.ServiceLayer\Connection\ConnectionService.cs:line 549
ClientConnectionId:0682c1d3-d252-4379-b0b2-c00364e90356
Error Number:18456,State:1,Class:14
编辑 2
好吧,经过一番摸索,我找到了 SSMS。它使用相同的命令就像一个魅力。不确定,但默认命令在角色和角色用户之前有一个 N。它还将 FROM LOGIN 切换为 FOR LOGIN 不过我刚刚使用 Azure Data Studio 一段时间。
问题是您不小心使用了 FOR 而不是 From。我见过的大多数文档都表明这无关紧要。我唯一能想到的是,如果你有备注部分 [https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15#remarks]
示例中明确使用了from,那么还有其他引用来自外部提供者。我想知道是否有什么东西可能是 AD 想要的发件人。
可能只是矩阵中的一个小问题。
https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15
很高兴你成功了,而且我能够提供帮助。