DRAG DROP
You deploy a new Microsoft Azure SQL Database instance to support a variety of mobile applications and
public websites. You plan to create a new security principal named User1.
The principal must have access to select all current and future objects in a database named Reporting. The
activity and authentication of the database user must be limited to the Reporting database.
You need to create the new security principal.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of
actions to the answer area and arrange them in the correct order.
Select and Place:
Answer: 
Explanation:
Step 1, Step 2:
First you need to create a login for SQL Azure, it’s syntax is as follows:
CREATE LOGIN username WITH password=’password’;
This command needs to run in master db. Only afterwards can you run commands to create a user in the
database.
Step 3:
Users are created per database and are associated with logins. You must be connected to the database in
where you want to create the user. In most cases, this is not the master database. Here is some sample
Transact-SQL that creates a user:
CREATE USER readonlyuser FROM LOGIN readonlylogin;
https://azure.microsoft.com/en-us/blog/adding-users-to-your-sql-azure-database/
I think this answer is incorrect because the question states “The
activity and authentication of the database user must be limited to the Reporting database.” The correct answer is:
1. In SSMS, create a connection to the Reporting database on the Azure SQL Server instance.
2. Create User ‘User1′ WITH PASSWORD=’Pa$$word’;
3. EXEC sp_addrolemember ‘db_datareader’,’User1′;
4
2
you need to create a login first before a user…correct?
1
0
In my opinion Tina would be correct IF the database is a contained database. But in the question I do not read that the database is a contained database, so the login must be created first, as Jamie mentions.
But the suggested answer “Grant SELECT to User1” will result in a syntax error (because “ON SCHEMA::” is missing). So I am confused here. Perhaps the question and/or the answers contain errors or omissions.
By the way “create LOGIN…from external provider” will also always result in an error, because the “from external provider” will only work in combination with create user, not with create login.
0
0
1.Create login User1 with password
2. create user User1 for login User1
3. add sp_rolemember datareader,User1
0
0