Login failed for user '<token-identified principal>' Error 18456 On Deploy Database
From SSMS 2017 I right click the database, then select Tasks->Deploy Database to Microsoft Azure SQL database.
In the Wizard Deployment Settings screen, I click "Connect" and log in to my Azure SQL Server:
Then I click "Next" and get this error:
This question explains the need to grant the user access to the database. But we are creating a new database here.
Update
I am connecting as the admin
Under Access control (IAM) -> Check access -> View my access I can see that I have Owner as a current role assignment
However when I click Eligible assignments I see
Activate a role to perform operations that require elevated permissions. The role will remain active for a limited time.
and
The tenant needs to have Microsoft Entra ID P2 or Microsoft Entra ID Governance license.
According to the MS document
CREATE DATABASEpermissions are necessary. To create a database a login must be either the server admin login (created when the Azure SQL Database logical server was provisioned), the Microsoft Entra admin of the server, a member of the dbmanager database role inmaster
The user who you provided is not having the necessary permissions to create database. That may be the reason to get above error. If you are using Entra user to login to SQL server, make sure your Entra user is set as server admin, otherwise set server admin as shown below in SQL server:
If the user is from external provider, add dbmanager role to the user in master db using below command:
ALTER ROLE dbmanager ADD MEMBER <user>;
Then you will be able to deploy the database successfully as shown below:
Deployed database:
Note: Use latest version of SSMS i.e. SSMS v20.2, it will work.
- Add Azure Active Directory User to Azure SQL Database
- Azure sql database export to storage blob failed
- Azure DB to timezone does not convert
- Use User Managed Identity (UMI) to authenticate Azure App Service (Python) to SQL Database
- Azure ArmClient Rename & Copy DB Operations
- Connecting to an Azure SQL database with a VPN (Point-to-Site)
- Poweshell to set Azure SQL Auditing
- SQL Server Error "AADSTS500133: Assertion is not within its valid time range" for Managed Identity
- How to set Azure SQL database instance with Min 0,5 vCores with Terraform?
- Anonymize data in dataflow pipeline gen2
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- Uses SQL connection strings from Azure Keyvault in Azure functions
- How do I connect locally to Azure SQL database with Microsoft Entra ID registered app in C#?
- Secure access to Azure storage account from only app service, database server and specific Internet address
- Why given code is generating 'The request limit for the database is X' with Azure SQL
- ADF - Column cannot participate in columnstore index
- Unable to link Azure SQL Database to Static Web App
- Azure Data Studio - Why Is Restore Option Missing Entirely?
- Login failed for user '<token-identified principal>' Error 18456 On Deploy Database
- 'Table data cannot be migrated, source table is empty' in Azure SQL migration wizard
- Design in Query Editor disabled for Azure databases
- Merge rows in a specific sequence in SQL (Azure SQL)
- How create external table in Azure SQL to access a table in local SQL Server on same subnet. Getting error on select
- The SELECT permission was denied on the object 'Users', database 'XXX', schema 'dbo'
- Unable to 'Deploy Database to Microsoft Azure SQL Database' from SSMS 20.2
- Azure blob-to-SQL automatic copy
- How to connect a Web App to a SQL database on Azure using Managed Identities?
- Intermittent exception against SQL Azure: Unknown error 258
- Difference between Azure database for MySQL and Azure SQL database
- I'm using SSIS in ADF to move .csv from a blob container to another and then ingest into a Azure SQL database. I get an assembly error