如何将用户迁移到SQL Server中的部分包含的数据库

介绍 (Introduction)

Microsoft introduced the Contained Database feature in SQL Server 2012. In this article we will take a look at how to migrate SQL Server Logins to a partially contained database in SQL Server to remove dependencies from the Instance of SQL Server where Contained Database resides.

Microsoft在SQL Server 2012中引入了“包含的数据库”功能。在本文中，我们将研究如何将SQL Server登录名迁移到SQL Server中的部分包含的数据库，以从包含数据库SQL Server实例中删除依赖项。

SQL Server中包含的数据库概述 (Overview of contained database in SQL Server)

A contained database is a user database which is completely isolated from the all the other databases which are residing on the instance of SQL Server.

包含的数据库是一个用户数据库，它与SQL Server实例上的所有其他数据库完全隔离。

SQL Server支持的不同类型的包含 (Different types of containments supported by SQL Server)

The different types of database containments are FULL, PARTIAL or NONE. However, Microsoft SQL Server 2012 and later versions currently support only PARTIAL and NONE containments.

不同类型的数据库包含为FULL，PARTIAL或NONE。但是，Microsoft SQL Server 2012和更高版本当前仅支持PARTIAL和NONE包含。

Full Database Containment: A fully contained database will not have any configuration dependencies on the SQL Server Instance where the database is hosted. Hence, we can very well say that a fully contained database will contain all the required metadata and settings to define the database. This feature is still not available in any version or edition of SQL Server.

完全数据库遏制 ：一个完全包含的数据库将不会对SQL Server实例中，数据库托管任何配置的依赖。因此，我们可以说，一个完全包含的数据库将包含定义数据库所需的所有元数据和设置。此功能在任何版本SQL Server中仍然不可用。

Partial Database Containment: A partially contained database is a contained database will contain all the necessary objects and will allow the use of uncontained features.

部分数据库遏制 ：一个部分包含数据库是包含数据库将包含所有必需的对象，并允许使用非包容性的特点。

None Database Containment: Any database which has containment set to NONE. All the databases prior to SQL Server 2012 are non-contained. Starting SQL Server 2012 and later versions all database will have containment value set as NONE by default.

无数据库包含 ：任何包含设置为NONE的数据库。 SQL Server 2012之前的所有数据库都不包含。从SQL Server 2012和更高版本开始，默认情况下，所有数据库的包含值都将设置为NONE。

SQL Server中包含的数据库的主要限制 (Key limitations of contained databases in SQL Server)

Some of the key limitations of a contained database which you must consider before you plan to migrate to a contained database are:-

在计划迁移到包含的数据库之前，必须考虑包含的数据库的一些关键限制：-

Replication, Change Data Capture, or Change Tracking should not be configured on the database which you would like to convert it into a contained database.

不应在要将数据库转换为包含数据库的数据库上配置复制，更改数据捕获或更改跟踪。
Partially contained databases should not have any procedures which have procedure names that include numbers.

部分包含的数据库不应具有带有包含数字的过程名称的任何过程。
Partially contained databases shouldn’t have any Schema-bound objects which depend upon any built-in functions with any collation changes

部分包含的数据库不应具有依赖于任何内置函数以及任何排序规则更改的任何绑定到模式的对象

It is highly recommended to evaluate if there are any containment breaches for a user database before it is migrated to a partially contained database in SQL Server 2012 and later versions. There are different ways in which you can quickly identify containment status of any user database. Let us explore each of these options one by one.

强烈建议在将用户数据库迁移到SQL Server 2012及更高版本中的部分包含的数据库之前，先评估是否存在任何违反包含的行为。您可以通过多种方法快速确定任何用户数据库的包含状态。让我们逐一探讨这些选项。

使用sys.dm_db_uncontained_entities动态管理视图破坏身份数据库 (Identity database containment breaches using sys.dm_db_uncontained_entities Dynamic Management View)

Using sys.dm_db_uncontained_entities dynamic management view you could easily identify if there are any database containment breaches. If the database has any uncontained entries then this DMV will output the results including the once across database boundaries. However, if your database uses Dynamic SQL then those issues will not be outlined until run time.

使用sys.dm_db_uncontained_entities动态管理视图，您可以轻松确定是否存在任何数据库容纳违规情况。如果数据库中有任何未包含的条目，则该DMV将输出结果，包括一次跨越数据库边界的结果。但是，如果您的数据库使用动态SQL，则直到运行时才会列出这些问题。


SELECT * FROM sys.dm_db_uncontained_entities
GO

在SQL Server中使用database_uncontained_usage扩展事件来破坏身份数据库 (Identity database containment breaches using database_uncontained_usage Extended Event in SQL Server)

Using database_uncontained_usage extended event you could find out if there are any uncontained entries at run time. Whenever, there is a containment breach identified during run time only those entries will be captured by this extended event. Hence, if there are any uncontained entries which are never called will go unnoticed until they are triggered.

使用database_uncontained_usage扩展事件，您可以找出运行时是否有任何未包含的条目。无论何时，只要在运行时发现了收容突破，这个扩展事件都只会捕获那些条目。因此，如果有任何未包含的条目，它们将永远不会被忽略，直到被触发。

Let us get started with a demo:

让我们开始一个演示：

Firstly, we will be to enable contained database feature at SQL Server Instance Level

首先，我们将在SQL Server实例级别启用包含的数据库功能
Secondly, we will enable containment type for a database.

其次，我们将为数据库启用包含类型。
Finally, we will convert all the existing SQL Server Login which has access to Contained Database to a contained use of the database with no dependencies on SQL Server Instance.

最后，我们将所有可以访问“包含的数据库”的现有SQL Server登录名转换为对该数据库的包含的使用，而不依赖SQL Server实例。

如何在SQL Server 2012和更高版本中启用包含的数据库功能 (How to enable contained database feature in SQL Server 2012 and later versions)

Open SQL Server Management Studio and then connect to the SQL Server Instance where your user database resides.

打开SQL Server Management Studio，然后连接到用户数据库所在SQL Server实例。
In Object Explorer, right click the SQL Server Instance and select Server Properties. Click on Advanced tab on the left pane and then change the value as True for Enable Contained Databases as shown in the snippet below and click OK to save the changes.

在对象资源管理器中 ，右键单击“ SQL Server实例”，然后选择“ 服务器属性” 。单击左窗格上的“ 高级”选项卡，然后将“ 启用包含的数据库”的值更改为True ，如下面的代码片段所示，然后单击“ 确定”以保存更改。
You can also enable Contained Database feature at instance level by executing the below mentioned TSQL Script.

您还可以通过执行以下提到的TSQL脚本在实例级别启用“包含数据库”功能。
```
USE master
GOEXEC sys.sp_configure 'show advanced options', 1
GORECONFIGURE
GOEXEC sys.sp_configure N'contained database authentication', N'1'
GORECONFIGURE
GOEXEC sys.sp_configure 'show advanced options', 0
GORECONFIGURE
GO
```
如何在SQL Server 2012和更高版本中将用户数据库转换为部分包含的数据库 (How to convert a user database to a partially contained database in SQL Server 2012 and higher versions)
1. In Object Explorer, expand Databases nodes and then right click the database and select Properties. Click on Options on left pane and choose Containment Type value as Partial from the drop down menu as shown in the snippet below and click OK to save the changes.
  
  在对象资源管理器中 ，展开“ 数据库”节点，然后右键单击数据库，然后选择“ 属性” 。单击左窗格上的“ 选项” ，然后从下拉菜单中选择“包含类型为部分的 容器类型值”，如下面的代码片段所示，然后单击“ 确定”保存更改。
2. You can also change containment type of user database by executing the below mentioned TSQL Script.
  
  您还可以通过执行以下提到的TSQL脚本来更改用户数据库的包含类型。
```
USE [master]
GOALTER DATABASE [AdventureWorks2012]
SET CONTAINMENT = PARTIAL WITH NO_WAIT
GO
```
  如何确定所包含数据库中的所有SQL Server登录名是否都包含用户？ (How to identify whether all SQL Server logins in the contained database are contained users or not?)
  
  Execute the below query to identify the list of all the SQL Server Login which are yet to be contained users.
  
  执行以下查询，以标识所有尚未包含的用户的所有SQL Server登录名的列表。
```
USE AdventureWorks2012
GOSELECT sdp.name   FROM sys.database_principals AS sdp  JOIN sys.server_principals AS ssp   ON sdp.sid = ssp.sid  WHERE sdp.authentication_type = 1AND ssp.is_disabled = 0 AND sdp.name <> 'dbo'
GO
```
  In the above snippet you could see that there are three users which have access to our newly converted contained database and they are not contained users with dependencies on SQL Server Instance. Next step will be to migrate them to be contained users for the contained database.
  
  在上面的代码片段中，您可以看到有三个用户可以访问我们新转换的包含数据库，而这些用户不是依赖于SQL Server实例的用户。下一步将是迁移他们成为包含数据库的包含用户。
  
  如何将SQL Server登录名迁移到包含的数据库用户 (How to migrate SQL Server logins to contained database users)
  
  Using sp_migrate_user_to_contained procedure you can convert any database user which is mapped to a SQL Server Login to a contained database user along with its password. Execute the below query to convert dbuser1 who has db_owner permissions from a non-contained user to a contained database user.
  
  使用sp_migrate_user_to_contained过程，可以将映射到SQL Server登录名的任何数据库用户及其密码转换为包含的数据库用户。执行以下查询，将具有db_owner权限的dbuser1从非包含用户转换为包含数据库用户。
```
Use AdventureWorks2012
GOsp_migrate_user_to_contained@username = N'dbuser1',@rename = N'keep_name',@disablelogin = N'do_not_disable_login';
GO
```
  In the below snippet you could see that dbuser1 is successfully migrated as a contained user for AdventureWorks2012 contained database.
  
  在下面的代码段中，您可以看到dbuser1已成功迁移为AdventureWorks2012包含数据库的包含用户。
  
  However, dbuser2 which also has access to contained database is still a non-contained user with dependencies on SQL Server Instance. The user dbuser2 and dbuser3 needs to be converted as a contained user to remove dependencies from the instance of SQL Server.
  
  但是，也可以访问包含的数据库的dbuser2仍然是依赖SQL Server实例的非包含用户。需要将用户dbuser2和dbuser3转换为包含的用户，才能从SQL Server实例中删除依赖项。
  
  For this demo we had three users namely dbuser1, dbuser2 and dbuser3 which had access to AdventureWorks2012 database. Once the database is converted as a contained database the final step, will be to migrate all non-contained users to Contained Database as a contained user. If you have multiple logins as in our case you can execute the below TSQL script using a SA account within the scope of contained database to successfully migrate all the SQL Server Logins relevant to the contained database.
  
  对于此演示，我们有三个用户，分别是dbuser1，dbuser2和dbuser3，它们可以访问AdventureWorks2012数据库。一旦将数据库转换为包含数据库，最后一步将是将所有非包含用户迁移为包含用户到包含数据库。如果像我们这样有多个登录名，则可以在包含的数据库范围内使用SA帐户执行以下TSQL脚本，以成功迁移与包含的数据库相关的所有SQL Server登录名。
```
Use AdventureWorks2012
GODECLARE @MigrateContainedUsers sysname ;
DECLARE MigrateContainedUsers CURSOR  FOR   SELECT sdp.name   FROM sys.database_principals AS sdp  JOIN sys.server_principals AS ssp   ON sdp.sid = ssp.sid  WHERE sdp.authentication_type = 1 AND ssp.is_disabled = 0 AND sdp.name <> 'dbo'OPEN MigrateContainedUsers
FETCH NEXT FROM MigrateContainedUsers INTO @MigrateContainedUsers  WHILE @@FETCH_STATUS = 0  BEGIN  EXECUTE sp_migrate_user_to_contained   @MigrateContainedUsers = @MigrateContainedUsers,  @rename = N'keep_name',  @disablelogin = N'disable_login';  FETCH NEXT FROM MigrateContainedUsers INTO @MigrateContainedUsers  END  CLOSE MigrateContainedUsers
DEALLOCATE MigrateContainedUsers 
```
  In the snippet below you could see that now all the three users are converted as a contained user of contained database and has no dependencies on SQL Server Instance.
  
  在下面的代码片段中，您可以看到现在所有三个用户都被转换为所包含数据库的包含用户，并且对SQL Server实例没有依赖性。
  
  结论 (Conclusion)
  
  In this article we explored how to identify containment breaches and then how to quickly migrate all SQL Server Logins of a Contained Database as a contained user of the contained database.
  
  在本文中，我们探讨了如何识别容纳违规行为，然后如何快速将包含数据库的所有SQL Server登录名迁移为包含数据库的包含用户。

翻译自: https://www.sqlshack.com/how-to-migrate-users-to-a-partially-contained-database-in-sql-server/