Where is the password saved when creating a contained user for the Azure SQL database (PaaS)?
CREATE USER taiobtest WITH password='PVHz3U4A$LNytQF^'; GO
For server logins I can get it from
My use case is refreshing non-production from production backup. I need to script out the database contained users and all relevant permission before the restoration. Once restored clean up production database users/permission and reinstate non-production users and permissions.
Below are the methods you can try. The first solution is probably the best. Try others if the first one doesn’t work. Senior developers aren’t just copying/pasting – they read the methods carefully & apply them wisely to each case.
As Tibor points out, the practical answer here is “in the database”, so it follows the database through backup/restore or an AG failover. That is the reason database users with passwords were added to partially contained databases and Azure SQL Database.
If you examine the
sys.database_principals you can discover that it’s actually in a system table called
sys.sysowners, stored as a hash, which can only be queried from the Dedicated Administrator Connection.