Professional Documents
Culture Documents
Introduction
Managing Security Roles
Creating Database User Accounts
Creating Contained Logins
Summary
Introduction
The Manage Users and Database Roles module provides you with the instruction
and server hardware to develop your hands on skills in the defined topics. This module
includes the following exercises:
Lab Diagram
During your session you will have access to the following lab configuration. Depending
on the exercises you may or may not use all of the devices, but they are shown here in the
layout to get an overall understanding of the topology of the lab.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 1/49
7/23/2019 Print content
In this module you will be working on the following equipment to carry out the steps
defined in each exercise.
To start, simply choose a device and click Power on. In some cases, the devices may
power on automatically.
For further information and technical support, please see our Help and Support
page.
Copyright Notice
This document and its content is copyright of Practice-IT - © Practice-IT 2014. All rights reserved. Any
redistribution or reproduction of part or all of the contents in any form is prohibited other than the
following:
1) You may print or download to a local hard disk extracts for your personal and non-commercial use
only.
2) You may copy the content to individual third parties for their personal use, but only if you
acknowledge the website as the source of the material. You may not, except with our express written
permission, distribute or commercially exploit the content. Nor may you transmit it or store it in any
other website or other form of electronic retrieval system.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 2/49
7/23/2019 Print content
In this exercise, you will perform the tasks required to manage users and database roles.
Please refer to your course material or use your favourite search engine to research for
more information about this topic.
Step 1
Ensure that you have powered on the required devices and connect to PLABSQL01.
Click Start then go to Administrative Tools and select Active Directory Users and
Computers.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 3/49
7/23/2019 Print content
Step 2
Right-click on Users container and click New then click User.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 4/49
7/23/2019 Print content
Step 3
On New Object - User, click in First name box and type:
SQLUser1
SQLUser1
Click Next.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 5/49
7/23/2019 Print content
Step 4
In Password and Confirm password text boxes, type:
Passw0rd
Click Next.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 6/49
7/23/2019 Print content
Step 5
Click Finish to close New Object - User dialogue box.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 7/49
7/23/2019 Print content
Step 6
Close Active Directory Users and Computers.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 8/49
7/23/2019 Print content
Step 1
From PLABSQL01, on desktop, double-click SQL Server Management Studio
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 9/49
7/23/2019 Print content
Step 2
The Connect to Server dialog box is displayed.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 10/49
7/23/2019 Print content
Step 3
On SQL Server Management Studio, expand Security then expand Logins.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 11/49
7/23/2019 Print content
Step 4
In the Login name field, click Search…
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 12/49
7/23/2019 Print content
Step 5
In the Select User, Service Account or Group type:
SQLUser1
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 13/49
7/23/2019 Print content
Step 6
Click OK when SQLUser1 has been resolved or underlined.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 14/49
7/23/2019 Print content
Step 7
Back in Login-New dialogue box, click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 15/49
7/23/2019 Print content
Step 8
PRACTICELABS\SQLUser1 is now in the Logins folder.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 16/49
7/23/2019 Print content
Step 9
Navigate to Databases, then expand AdventureWorks2012, then expand Security.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 17/49
7/23/2019 Print content
Step 10
In Database User - New dialogue box, go to User name section and type:
SQLUser1
PRACTICELABS\Administrator
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 18/49
7/23/2019 Print content
Step 11
In Select Schema, click Browse…
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 19/49
7/23/2019 Print content
Step 12
On Browse for Objects, click [db_accessadmin] and [dbo].
Click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 20/49
7/23/2019 Print content
Step 13
Back in the Select Schema dialogue box, click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 21/49
7/23/2019 Print content
Step 14
On Database User-New, click OK to save changes.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 22/49
7/23/2019 Print content
Step 15
Keep SQL Server Management Studio open for the next exercise.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 23/49
7/23/2019 Print content
The roles that already exist in SQL Server are known as the Fixed Database-level roles.
The roles that you create in SQL Server are known as Flexible Database-level roles.
To configure security roles for users and administrators, perform the following steps:
Step 1
On PLABSQL01 device, with Microsoft SQL Server Management Studio open,
navigate to Databases > AdventureWorks2012 > Security, then expand Roles
then expand Database Roles.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 24/49
7/23/2019 Print content
Step 2
Right-click db_accessadmin, and select Properties.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 25/49
7/23/2019 Print content
Step 3
The Database Role Properties - db_accessadmin dialog box is displayed.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 26/49
7/23/2019 Print content
Step 4
The Select Database User or Role dialog box is displayed.
SQLUser1
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 27/49
7/23/2019 Print content
Step 5
With SQLUser1 now resolved, click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 28/49
7/23/2019 Print content
Step 6
SQLUser1 user is added to the Members of this role section.
Click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 29/49
7/23/2019 Print content
Step 7
You are navigated back to the Microsoft SQL Server Management Studio.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 30/49
7/23/2019 Print content
Step 8
The Database Role - New dialog box is displayed.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 31/49
7/23/2019 Print content
Step 9
In the Role name text box, enter SQLUser1_db_creator. In the Owner text box,
enter SQLUser1.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 32/49
7/23/2019 Print content
Step 10
In the Schemas owned by this role section, select db_datawriter.
Click Add.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 33/49
7/23/2019 Print content
Step 11
The Select Database User or Role dialog box is displayed.
In the Enter the object names to select text box, enter SQLUser1 and click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 34/49
7/23/2019 Print content
Step 12
Click OK to close the Database Role - New dialog box.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 35/49
7/23/2019 Print content
Step 13
You are navigated back to Microsoft SQL Server Management Studio.
Keep Microsoft SQL Server Management Studio open for the next exercise.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 36/49
7/23/2019 Print content
Leave the devices you have powered on in their current state and proceed to the next
exercise.
Please refer to your course material or use your favourite search engine to research for
more information about this topic.
Step 1
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 37/49
7/23/2019 Print content
Step 2
The Database User - New dialog box is displayed.
In the User type drop-down list, select SQL user without login.
Enter SQLUser2 in the User name text box and click OK.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 38/49
7/23/2019 Print content
Step 3
Note that the SQLUser2 user is now created under the Security > Users node for
AdventureWorks2012.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 39/49
7/23/2019 Print content
Leave the devices you have powered on in their current state and proceed to the next
exercise.
Note: Before you create a contained login, ensure that containment is enabled at the
instance level.
Step 1
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 40/49
7/23/2019 Print content
Step 2
The SQLQuery1.sql tab opens on the right.
Click Execute.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 41/49
7/23/2019 Print content
Step 3
You should get a query executed successfully command.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 42/49
7/23/2019 Print content
Step 4
Click again on New Query button.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 43/49
7/23/2019 Print content
Step 5
A new tab opens, now type the following:
You can now create a SQL contained user. Create a new query with the following
statements and click Execute.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 44/49
7/23/2019 Print content
Step 6
The TestDB1 database is successfully created.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 45/49
7/23/2019 Print content
Step 7
A new query tab opens.
You can now create a SQL contained user. Create a new query with the following
statements and click Execute.
USE TestDB1
GO
CREATE USER TestContainedUser1 WITH PASSWORD = 'Passw0rd'
Go
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 46/49
7/23/2019 Print content
Step 8
The query runs successfully.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 47/49
7/23/2019 Print content
Step 9
Expand Databases in Object Explorer.
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 48/49
7/23/2019 Print content
Shutdown all virtual machines used in this lab, by using the power functions located in
the Tools bar before proceeding to the next module.
Summary
In this module, you covered carried the following practical tasks:
https://www.practice-labs.com/authenticated/vNext/vn-print-content.aspx 49/49