2. Logins and Users
Now that you've created a
database, you need to grant access to other users. This section
discusses creating logins and users, and allowing others to access the
SQL Azure environment. Creating logins and users is similar to doing so
locally; but as you found out when creating databases, there are T-SQL
limitations.
When granting access to
another user, you must first create the login for that user. Then, you
create the user based on that login. A login is used for authentication;
a user account is used for database access and permission validation.
2.1. Logins
When creating logins and users, you must be connected to the master database. You then can use the CREATE LOGIN command as follows:
CREATE LOGIN loginname WITH PASSWORD = 'password'
You must use the WITH PASSWORD
option and specify a password. Several options you may be used to from
using SQL Server locally aren't support in SQL Azure, such as DEFAULT_DATABASE and DEFAULT_LANGUAGE.
2.2. Users
Now that you've created a
login, let's create a user based on it. This is also simple. The syntax
is nearly equivalent to the local syntax:
CREATE USER username
This syntax works if there is a login with the same name. For example, the following is valid:
CREATE LOGIN myuser WITH PASSWORD = 'T3stPwd001'
CREATE USER myuser
However, the following fails:
CREATE LOGIN myuser WITH PASSWORD = 'T3stPwd001'
CREATE USER myotheruser
You must use the FROM LOGIN clause when creating a user whose username differs from that of the login name:
CREATE USER username FROM LOGIN loginname
Thus, the correct syntax is the following:
CREATE LOGIN myuser WITH PASSWORD = 'T3stPwd001'
CREATE USER myotheruser FROM LOGIN myuser
NOTE
SQL Azure doesn't support GUEST accounts. When you create a user, it must be based on an existing login.
OK, enough about creating databases, users, and logins.
