In Focus

Azure Active Directory User/Group And Azure SQL Database

Azure Active Directory (AD) can be utilized to access several Azure resources like Azure SQL Database, Azure SQL Data Warehouse, Office 365, Salesforce, Dropbox, Adobe Create Cloud and more.

Introduction

By default, when somebody creates an Azure SQL Server, an Administrator with SQL Authentication is made as a matter of course. In any case, for authoritative purposes, it is a best practice to utilize Azure Active Directory.

Azure Active Directory is a cloud directory and identity management administration service having various qualifications for every application.

That is the reason using Azure AD for Azure SQL Database or other Azure applications is necessary. You can bring together the verification management. It also provides more high security to your Azure SQL Databases.

Learn how to

  • How to create an Azure Active Directory user
  • How to create an Azure Active Directory group and assign the user group
  • How to add an Azure Active Directory user/group as an Azure SQL Administrator
  • How to add Azure Active Directory users to Azure SQL Database

Requirements

  • A subscription to Azure
  • An Azure SQL Server and database created (if you do not have that, you can create a new one)

Getting started

By default, an Azure AD directory is already created. We will first create the user and then add it to a group. Finally, we will add it to the Azure SQL Database.

Step 1 - Create an Azure Active Directory User

In the Azure Portal, click on the account and select your directory.

Azure Active Directory User/Group And Azure SQL Database

The directory information like users and groups in Azure will show. In this example, the directory is hadshanakoutlook.onmicrosoft.com.

To create a user, in the Azure Active directory, press the > and look for Users and Groups. Go to All users and click the “New user”.

Azure Active Directory User/Group And Azure SQL Database

After that, add/fill-in the information about the user like the name, user name, first name, last name, work information, etc.

Azure Active Directory User/Group And Azure SQL Database

Assign roles like the User, Global, and Limited administrator role. Once you select the options, click "Create".

Azure Active Directory User/Group And Azure SQL Database

Roles

  • A user can access the resources but cannot manage the directory resources.
  • A global administrator can do anything except changing the password of another administrator.
  • The limited administrator is limited to the role assigned. It can be a password administrator, service administrator, SharePoint administrator, security administrator, etc.

The new user is created successfully.

Azure Active Directory User/Group And Azure SQL Database

After this, if you click on the new users, you will see the options to reset the password or to delete it. By default, the user is created with a temporary password that you are forced to change after the first login to the portal.

Azure Active Directory User/Group And Azure SQL Database

Click the option to check the profile.

Azure Active Directory User/Group And Azure SQL Database

In Profile, you can add your photo, block the permissions to sign in, specify usage location and add more information.

Azure Active Directory User/Group And Azure SQL Database

Step 2 - Create an Azure Active Directory Group and assign the user to the group

It works with groups instead of working with individual users. It simplifies the administration of accounts when people move to another office or another company.

To create a new user group in the Azure Portal, go to Azure Active Directory >> All Groups and select New Group.

Azure Active Directory User/Group And Azure SQL Database
 
Azure Active Directory User/Group And Azure SQL Database

Then, assign users to the group now. In Members, check the users that you want to add to the group.

Azure Active Directory User/Group And Azure SQL Database

After this, add the Group or User. See or check.

Azure Active Directory User/Group And Azure SQL Database

Step 3 - How to add an Azure Active Directory user/group as an Azure SQL Administrator

To assign an Azure Active Directory user/group to Azure SQL Database as an Administrator, in the Azure Portal, click SQL Server.

Select and open the SQL Server with an Azure SQL Database.

Azure Active Directory User/Group And Azure SQL Database

After that, open the SQL Server, click Active Directory admin, and press the "Set admin" option.

Azure Active Directory User/Group And Azure SQL Database

Then, select a User or a Group as the Active Directory Administrator.

Azure Active Directory User/Group And Azure SQL Database

Select the user or group and  click on "Save".

Azure Active Directory User/Group And Azure SQL Database

Successfully added! Open in the SSMS, try to login using the new Azure Active Directory User created.

Azure Active Directory User/Group And Azure SQL Database


Azure Active Directory User/Group And Azure SQL Database
 

Summary

 
In this article, we learned how to add an Azure Active Directory User/Group in Azure SQL Database. In my next article, I will cover the next step of this series.