Azure SQL Does not allow login for Created Clients

0

I created several users for Azure SQL using the free acccount in a database in Azure Data Studio following the recommended procedure:

  • add client ip addresses to firewall
  • create login on the master database
  • create users
  • add appropriate roles that at least encompass db_accessadmin

Despite this, my attempts to login with Azure Data Studio and SSMS continue to fail unless I use the admin account created on setup. The only eror information is:

Login Failed

I am trying to connect from my ip address and even added my ip address to the database firewall. Am I missing something?

EDIT

The command run on master to create a user [username and password changed]:

CREATE LOGIN userlogin WITH PASSWORD='my_password';

The commands run on the database:

CREATE USER myuser FROM LOGIN userlogin;
ALTER ROLE db_datawriter ADD MEMBER myuser;
ALTER ROLE db_datareader ADD MEMBER myuser;
ALTER ROLE db_accessadmin ADD MEMBER myuser;

Details from Azure Data On attempt to access the database:

Microsoft.Data.SqlClient.SqlException (0x80131904): Login failed for user 'myuser'.
   at Microsoft.Data.SqlClient.SqlInternalConnection.OnError(SqlException exception, Boolean breakConnection, Action`1 wrapCloseInAction)
   at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose)
   at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady)
   at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance)
   at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool, SqlAuthenticationProviderManager sqlAuthProviderManager)
   at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   at Microsoft.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
   at Microsoft.Data.ProviderBase.DbConnectionFactory.<>c__DisplayClass40_0.<TryGetConnection>b__1(Task`1 _)
   at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location where exception was thrown ---
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.SqlTools.ServiceLayer.Connection.ReliableConnection.ReliableSqlConnection.<>c__DisplayClass30_0.<<OpenAsync>b__0>d.MoveNext() in D:\a\1\s\src\Microsoft.SqlTools.ManagedBatchParser\ReliableConnection\ReliableSqlConnection.cs:line 314
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.SqlTools.ServiceLayer.Connection.ConnectionService.TryOpenConnection(ConnectionInfo connectionInfo, ConnectParams connectionParams) in D:\a\1\s\src\Microsoft.SqlTools.ServiceLayer\Connection\ConnectionService.cs:line 549
ClientConnectionId:0682c1d3-d252-4379-b0b2-c00364e90356
Error Number:18456,State:1,Class:14

EDIT 2

Well, after some head scratching, I found SSMS. It works like a charm using the same commands. Not sure but the default commands had an N before the roles and role user. It also switched FROM LOGIN to FOR LOGIN I just have up on Azure Data Studio for a while though.

sql
azure
azure-sql-database
azure-sql-data-warehouse
azure-sql-managed-instance
asked on Stack Overflow Jul 10, 2020 by Andrew Scott Evans • edited Jul 11, 2020 by Andrew Scott Evans

1 Answer

1

The issue was you accidentally used FOR instead of From. Most of the documentation I have seen show that it shouldn't matter. The only thing I could think of is that if you got the remarks section [https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15#remarks]

The example explicitly uses from, then there are other references From external providers. I wonder if there is something that maybe AD wants the From.

Could just have been a hiccup in the matrix.

https://docs.microsoft.com/en-us/sql/t-sql/statements/create-user-transact-sql?view=sql-server-ver15

Just glad you got it working, and that I was able to help.

answered on Stack Overflow Jul 13, 2020 by Ron

User contributions licensed under CC BY-SA 3.0