I was looking at https://azure.microsoft.com/en-us/documentation/articles/sql-database-manage-logins/ searching for some documentation about limits and/or restrictions of the amount of the users I can create on SQL Azure Server, but I didn't get anyone.
There's no specific limit on number of users. A SQL database can handle 2^31 objects which includes tables, views, sprocs, etc... and users so you can create LOTS of users (doesn't mean you should).
The article you referenced points out the maximum concurrent logins of 30. That means only 30 unique logins are permitted at any time. For most environments, this translates to 30 concurrent users. That means you can create 1000 user accounts in your database but only 30 can actively access the database at any given time.
I'd be happy to help. Can you please be a little more specific about what limits you think you might hit? There are no limits on users for security in SQL DB.
Guy
Related
I want to create two users
App_dbo which is used to deploy scripts
App_batch which is used to run jobs
I googled it and found SQL Script
I did not understand why I need to create a LOGIN.
What is the process to create a user ?
Let me try to explain how the login and users work on a little example.
Imagine you are going to stay in a hotel, you've booked a room. At the reception they check your id and give you the key for your room. The id is your login, it is only checked once at the reception and you get access to whatever you are eligible for. If you paid for more rooms, you will get multiple keys.
In the SQL server, the rooms are the databases and the keys are your users. You can map multiple users to the login as long as the users are in a different databases - you get keys for all rooms you've paid for using just one id.
There is also a case where login doesn't have any users mapped. It can have permissions to create new databases or update infrastructure, but will not have access to the existing databases. This can be a case of a server admin. In the hotel example it is the technical maintenance employee who fixes pipes or electric wires. He has access to the hotel, but doesn't have keys for any rooms.
Therefore, login gives access to the sql server (hotel common areas), however, it doesn't give you access to any database. You need user(s) mapped to your login to get a database(s) access(es).
Afaik, you can't map two users from the same db to one login (you only get one key for each room you've access too).
There are also other cases, like the AD one mentioned in the discussion below the question, where you can map multiple (external) identities to a single login etc, you can have users without login etc. I recommend to study documentation or get some good book explaining all possibilities. Good start might be here.
Hope this helps to understand how it works to a human being, there are plenty of answers how to set it up technically, for example the one you've referenced.
What is the maximum number of databases that we can create in a single Azure logical server?
There is soft limit of 150 databases per server.
However customers can get that limit removed by calling the Azure Help Desk and going through a credit check process.
Contact azure support for precise response here
Does it effect the performance of my web Application if many users use single table of SQL Server database simultaneously...?
This question is very general, it depends upon number of concurrent users per second and design of application code keeping an eye on atomicity.
my question is rather simple.
Can i grant permissions on a database table wise? something in the lines:
User Management has permission to select, update, insert and delete on table Projects
User Supervisor has permission to select, update, insert on table Projects
User Colaborator has permission to select on table Projects
If so, I could set up a system to create database users based on the levels of access of my application, much like the examples above.
Is it a valid mechanism to use this to secure a application?
is it worth on a real world application?
i've used PHP with Oracle and MySQL, but I'm look for a database/language agnostic answer, but any example would be useful.
pushing my luck a bit, what about per record permission granting?
also, what about table schemas, are they a more acceptable then table based permissions?
The main problem with using database security would be that you need separate connections for each user rather than being able to use a "service user" for the connection from your application server to your DB server. That would mean that you would no longer be able to use database connection pooling have to "connect" and "disconnect" from the database for every user request, which is not very efficient as connections are relatively expensive.
Having said that, there is good reason for using separate users in the database, such as DATA_USER (which the application server connects as) and DATA_OWNER (which owns all the tables but is used only for DB maintenance) and then only give DATA_USER the permissions that it needs to, e.g. only select on a lookup table. By separating DATA_USER and DATA_OWNER you can add an additional level of confidence that your application won't issue DDL commands (e.g. dropping a table).
Answer to part 1:
Yes as long as you handle the responses correctly.
Part 2:
It's not as good as implementating security in the application layer, as most applications will need flexibility in the solution (what if you want a user to get increased privledges, have to code in lots of alter/deny/grant scripts)
Part 3: (Speaking from purely MSSQL) Row-level permissions aren't possible. Create custom views for this purpose.
I know in Sql Server, Tables per database "Limited by number of objects in a database", "Database objects include objects such as tables, views, stored procedures, user-defined functions, triggers, rules, defaults, and constraints. The sum of the number of all objects in a database cannot exceed 2,147,483,647."
My question is, whats the max number for the tables I can create in one Sql Azure Databse?
Thanks
Remus is right!
And if you are on a study, better look for size limits, because the current maximum size of an SQL Azure database is 50 GB. Which means that if your database is larger than that, you'll have to wait for new bigger limits to become available. And this is defenitely something that is not changeble via a support ticket.
Other than that you can quickly check your database for SQL Azure compatability using the SQL Azure Migration Wizard from CodePlex - an easy to use SQL Server <-> SQL Azure migration tool.
If you find yourself asking this question, then your plan is flawed. No sane design will need 2 billion objects in a database, or anything close to that.
The official Guidelines and Limitation document mentions some of the limits supported (eg. 150 databases per server). The limit you are asking for is not documented.