Tech Networking
  |  Home |  Articles |  Free Downloads |  Free Code |  Access Links |  SQL Azure |  Products |  Get Premium Software |  Login  |  Register |  Contact Us |   
Skip Navigation LinksHome Page > Articles By Patrick Wood > Create SQL Azure Logins with Access

How to Use Microsoft Access to Create Logins in a SQL Azure Database

In this article we will demonstrate how you can use a Pass-through query in Access with VBA code to create SQL Azure Logins. Microsoft Access can then use the Login and Password to gain access to SQL Azure Tables, Views, and Stored Procedures. We will create a Login using SQL in Access similar to the following Transact-SQL (T-SQL):

CREATE LOGIN MyLoginName WITH password = 'zX/w3-q7jU'

Thankfully, a user would never have to memorize that password! Because this Login and password would only be used by my Access application the user never sees it and does not even know it exists.

There are several steps involved in creating a Login and Password for SQL Azure. And although most T-SQL that is used in SQL Azure is exactly the same as that used with SQL Server there are some critical differences which we will address in the following steps.

1) Create a Strong Password that Meets the Requirements of the Password Policy.

It is very important to use Strong Passwords because the extra security is needed since we cannot use Windows Authentication with SQL Azure. Passwords must be at least 8 characters long and contain at least one number or special character such as -/~^&.

2) Use Characters That Do Not Conflict With ODBC Connection Strings.

To avoid errors we should not use these ODBC connection string characters []{}(),@;?*! in our Login Name and Password.

3) Build a Transact-SQL Statement Which Will Create the Login.

We will use the T-SQL CREATE LOGIN statement in a Pass-through query to create the Login. Since Pass-through queries "pass" the SQL unaltered to SQL Azure most of the time the SQL is just like what we would in SQL Server Management Studio (SSMS) and as seen here:

CREATE LOGIN MyLoginName WITH password = 'zX/w3-q7jU'

Another requirement of the CREATE LOGIN statement is that it must be the only statement in a batch. So we are only going to create one Login at a time.

4) Ensure the Login and Password Are Created In the master Database.

This is required because "USE master" does not work in SQL Azure as it does with SQL Server because the USE statement is not supported in SQL Azure. But with Access we can create the Login in the master database by specifying the master database in our Connection String: "DATABASE=master;". We use a Function like the one below to get the Connection String with an obfuscated name to keep it more secure.

Public Function obfuscatedFunctionName() As String
    obfuscatedFunctionName = "ODBC;" _
        & "DRIVER={SQL Server Native Client 11.0};" _
        & ",1433;" _
        & "UID=MyUserName@MyServerName;" _
        & "PWD=MyPassword;" _
        & "DATABASE=master;" _
        & "Encrypt=Yes"
End Function

See my article Building Safer SQL Azure Cloud Applications with Microsoft Access for more information about securing your Access application.

5) Create a Function to Execute the SQL and Create the Login.

Place the ExecuteMasterDBSQL Function below in a Standard Module. This Function executes our CREATE LOGIN statement. It can be used any time you want to execute a T-SQL statement in the SQL Azure master database that does not return records. The Function returns True if the SQL was executed successfully or False if the SQL fails to be executed.

'This procedure executes Action Query SQL in the SQL Azure master database.
'The Procedure Argument "strData" is used like a password to make this powerful Procedure secure.
'Example usage: Call ExecuteMasterDBSQL(strSQL, "U_n9Yg&E8H5u6\p$Ma+r/J2%yeg")
'Or: If ExecuteMasterDBSQL(strSQL, "U_n9Yg&E8H5u6\p$Ma+r/J2%yeg") = False Then
Function ExecuteMasterDBSQL(strSQL As String, strData As String) As Boolean
On Error GoTo ErrHandle

    Dim db As DAO.Database
    Dim qdf As DAO.QueryDef

    ExecuteMasterDBSQL = False 'Default Value

    'This line ensures the code only runs if the "Password" Argument "strData" is correct.
    If strData = "U_n9Yg&E8H5u6\p$Ma+r/J2%yeg" Then
        Set db = CurrentDb

        'Create a temporary unnamed Pass-through QueryDef. This is a
        'practice recommended in the Microsoft Developer Reference.
        'The order of each line of code must not be changed or the code will fail.
        Set qdf = db.CreateQueryDef("")
        'Use a function to get the SQL Azure Connection string to the master database
        qdf.Connect = obfuscatedFunctionName
        'Set the QueryDef's SQL as the strSQL passed in to the procedure
        qdf.SQL = strSQL
        'ReturnsRecords must be set to False if the SQL does not return records
        qdf.ReturnsRecords = False
        'Execute the Pass-through query
        qdf.Execute dbFailOnError

        'If no errors were raised the query was successfully executed
        ExecuteMasterDBSQL = True
    End If

    'Cleanup for security and to release memory
    On Error Resume Next
    Set qdf = Nothing
    Set db = Nothing
    Exit Function

    MsgBox "Error " & Err.Number & vbCrLf & Err.Description _
    & vbCrLf & "In Procedure ExecuteMasterDBSQL"
    Resume ExitHere

End Function

6) Use a Form to Enter the Login Name and Password

We can make it easy for users to create a Login by using a form. To do this we need to add two text boxes and a command button to the form. Both text boxes need to be unbound. Name the text box for the Login Name txtLoginName. Name the text box for the Password txtPassword. Name the command button cmdCreateLogin. The form should look something like this, but without the extra touches for appearance sake.

Create Logins Form

Add the code below to the command button's Click event. After the code verifies that a Login Name and Password has been entered, it calls the ExecuteMasterDBSQL Function to create the Login in our SQL Azure master database.

Private Sub cmdCreateLogin_Click()

    'Prepare a Variable to hold the SQL statement
    Dim strSQL As String

    'Build the SQL statement
    strSQL = "CREATE LOGIN " & Me.txtLoginName & " WITH password = '" & Me.txtPassword & "'"

    'Verify both a Login Name and a Password has been entered.
    If Len(Me.txtLoginName & vbNullString) = 0 Then
        'A Login Name has not been entered.
        MsgBox "Please enter a value in the Login Name text box.", vbCritical
        'We have a Login Name, verify a Password has been entered.
        If Len(Me.txtPassword & vbNullString) = 0 Then
            'A Password has not been entered.
            MsgBox "Please enter a value in the Password text box.", vbCritical
            'We have a Login Name and a Password.
            'Create the Login by calling the ExecuteMasterDBSQL Function.
            If ExecuteMasterDBSQL(strSQL, "U_n9Yg&E8H5u6\p$Ma+r/J2%yeg") = False Then
                MsgBox "The Login failed to be created.", vbCritical
                MsgBox "The Login was successfully created.", vbInformation
            End If
        End If
    End If
End Sub

The code in the Form checks the return value of the ExecuteMasterDBSQL Function and informs us whether or not the Login was successfully created. Once we have created a Login we can create a Database User for the Login and grant the User access to the data in the SQL Azure Database. Creating a Database User for the Login appears to be a good subject for another article.

Login Status: Not logged in.
Login      Free Registration

  Call Us for a Free Consultation




Site Navigation

Skip Navigation Links.
Return to Top