Edit

Share via

Set-AzSqlServerActiveDirectoryAdministrator

Module:
Az.Sql Module

Provisions a Microsoft Entra administrator for SQL Server.

Syntax

Default (Default) 

Set-AzSqlServerActiveDirectoryAdministrator
    [-DisplayName] <String>
    [[-ObjectId] <Guid>]
    [-ServerName] <String>
    [-ResourceGroupName] <String>
    [-DefaultProfile <IAzureContextContainer>]
    [-WhatIf]
    [-Confirm]
    [<CommonParameters>]

Description

The Set-AzSqlServerActiveDirectoryAdministrator cmdlet provisions a Microsoft Entra administrator for AzureSQL Server in the current subscription. You can provision only one administrator at a time. The following members of Microsoft Entra ID can be provisioned as a SQL Server administrator:

  • Native members of Microsoft Entra ID
  • Federated members of Microsoft Entra ID
  • Imported members from other Azure ADs who are native or federated members
  • Microsoft Entra groups created as security groups Microsoft accounts, such as those in the Outlook.com, Hotmail.com, or Live.com domains, are not supported as administrators. Other guest accounts, such as those in the Gmail.com or Yahoo.com domains, are not supported as administrators. We recommend that you provision a dedicated Microsoft Entra group as an administrator.

Examples

Example 1: Provision an administrator group for a server

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "DBAs"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication
----------------- ---------- ----------- -------- ---------------------------
ResourceGroup01   Server01   DBAs        40b79501-b343-44ed-9ce7-da4c8cc7353b False

This command provisions a Microsoft Entra administrator group named DBAs for the server named Server01. This server is associated with resource group ResourceGroup01.

Example 2: Provision an administrator user for a server

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "David Chew"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication
----------------- ---------- ----------- --------
resourcegroup01   server01   David Chew  11E95548-B179-4FE1-9AF4-ACA49D13ABB9 False

This command provisions a Microsoft Entra user as an administrator for the server named Server01.

Example 3: Provision an administrator group by specifying its ID

Set-AzSqlServerActiveDirectoryAdministrator -ResourceGroupName "ResourceGroup01" -ServerName "Server01" -DisplayName "DBAs" -ObjectId "40b79501-b343-44ed-9ce7-da4c8cc7353b"

ResourceGroupName ServerName DisplayName ObjectId IsAzureADOnlyAuthentication
----------------- ---------- ----------- --------
ResourceGroup01   Server01   DBAs        40b79501-b343-44ed-9ce7-da4c8cc7353b False

This command provisions a Microsoft Entra administrator group named DBAs for the server named Server01. The command specifies an ID for the ObjectId parameter. This makes sure that the command succeeds even if the display name of the group is not unique.

Parameters

-Confirm

Prompts you for confirmation before running the cmdlet.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:cf

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DefaultProfile

The credentials, account, tenant, and subscription used for communication with azure

Parameter properties

Type:IAzureContextContainer
Default value:None
Supports wildcards:False
DontShow:False
Aliases:AzContext, AzureRmContext, AzureCredential

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

-DisplayName

Specifies the display name of the Microsoft Entra administrator that this cmdlet provisions.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:2
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-ObjectId

Specifies the unique ID of the Microsoft Entra administrator that this cmdlet provisions. If the display name is not unique, you must specify a value for this parameter.

Parameter properties

Type:Guid
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:3
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-ResourceGroupName

Specifies the name of the resource group to which the server is assigned.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:0
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-ServerName

Specifies the name of the SQL Server for which this cmdlet provisions an administrator.

Parameter properties

Type:String
Default value:None
Supports wildcards:False
DontShow:False

Parameter sets

(All)
Position:1
Mandatory:True
Value from pipeline:False
Value from pipeline by property name:True
Value from remaining arguments:False

-WhatIf

Shows what would happen if the cmdlet runs. The cmdlet is not run.

Parameter properties

Type:SwitchParameter
Default value:False
Supports wildcards:False
DontShow:False
Aliases:wi

Parameter sets

(All)
Position:Named
Mandatory:False
Value from pipeline:False
Value from pipeline by property name:False
Value from remaining arguments:False

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

String

Guid

Outputs

AzureSqlServerActiveDirectoryAdministratorModel