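Cannot find the Active Directory object '' in tenant

Time: 2018-04-04 10:30:35

Tags: sql-server powershell azure always-encrypted

How can I resolve this issue? Has anyone experienced this before? I am trying to set up Always Encrypted on my SQL Server database by running the following script, as described in this tutorial. I have checked the tenant ID in my Azure AAD and everything looks fine, so I am not sure why I am getting this error. It is proving very hard to find any resources or help on similar issues.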

New-AzureRmKeyVault : The specified vault already exists.
At line:1 char:1
+ New-AzureRmKeyVault -VaultName $akvName -ResourceGroupName $resourceG ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [New-AzureRmKeyVault], ArgumentException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.KeyVault.NewAzureKeyVault

PS C:\Users\xxxxxxx> Set-AzureRmKeyVaultAccessPolicy -VaultName $akvName -ResourceGroupName $resourceGroup -PermissionsToKeys get, create, delete, list, update, import, backup, restore, wrapKey,unwrapKey, sign, verify -UserPrincipalName $azureCtx.Account
Set-AzureRmKeyVaultAccessPolicy : Cannot find the Active Directory object '' in tenant
'xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxx'. Please make sure that the user or application service principal you are
authorizing is registered in the current subscription's Azure Active directory. The TenantID displayed by the cmdlet
'Get-AzureRmContext' is the current subscription's Azure Active directory.
At line:1 char:1
+ Set-AzureRmKeyVaultAccessPolicy -VaultName $akvName -ResourceGroupNam ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : CloseError: (:) [Set-AzureRmKeyVaultAccessPolicy], ArgumentException
    + FullyQualifiedErrorId : Microsoft.Azure.Commands.KeyVault.SetAzureKeyVaultAccessPolicy

PS C:\Users\xxxxxxx> $akvKey = Add-AzureKeyVaultKey -VaultName "AdeKeyVault1"-Name "ContosoFirstKey" -Destination "Software"

PS C:\Users\xxxxxxx> # Import the SqlServer module.
PS C:\Users\xxxxxxx> Import-Module "SqlServer"
PS C:\Users\xxxxxxx>
PS C:\Users\xxxxxxx> # Connect to your database (Azure SQL database).
PS C:\Users\xxxxxxx> $serverName = "xxxxxxxxxxxxxxxxx.windows.net"
PS C:\Users\xxxxxxx> $databaseName = "Hospital"
PS C:\Users\xxxxxxx> $connStr = "Server = " + $serverName + "; Database = " + $databaseName + "; Authentication
= Active Directory Integrated"
PS C:\Users\xxxxxxx> $connection = New-Object Microsoft.SqlServer.Management.Common.ServerConnection
PS C:\Users\xxxxxxx> $connection.ConnectionString = $connStr
PS C:\Users\xxxxxxx> $connection.Connect()
Exception calling "Connect" with "0" argument(s): "Failed to connect to server (local)."
At line:1 char:1
+ $connection.Connect()
+ ~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
    + FullyQualifiedErrorId : ConnectionFailureException

PS C:\Users\xxxxxxx> $server = New-Object Microsoft.SqlServer.Management.Smo.Server($connection)
PS C:\Users\xxxxxxx> $database = $server.Databases[$databaseName]
PS C:\Users\xxxxxxx>
PS C:\Users\xxxxxxx> # Create a SqlColumnMasterKeySettings object for your column master key.
PS C:\Users\xxxxxxx> $cmkSettings = New-SqlAzureKeyVaultColumnMasterKeySettings -KeyURL $akvKey.ID
PS C:\Users\xxxxxxx>
PS C:\Users\xxxxxxx> # Create column master key metadata in the database.
PS C:\Users\xxxxxxx> $cmkName = "CMK1"
PS C:\Users\xxxxxxx> New-SqlColumnMasterKey -Name $cmkName -InputObject $database -ColumnMasterKeySettings $cmkSettings
New-SqlColumnMasterKey : Cannot validate argument on parameter 'InputObject'. The argument is null or empty. Provide
an argument that is not null or empty, and then try the command again.
At line:1 char:52
+ New-SqlColumnMasterKey -Name $cmkName -InputObject $database -ColumnM ...
+                                                    ~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [New-SqlColumnMasterKey], ParameterBindingValidationException
    + FullyQualifiedErrorId : ParameterArgumentValidationError,Microsoft.SqlServer.Management.PowerShell.AlwaysEncrypt
   ed.NewSqlColumnMasterKey

1 answer:

Answer 0: (score: 0)

It looks like you are using a Microsoft account (e.g. outlook.com, hotmail.com). The UserPrincipalName is not your email.

As juuas said, you can use the user's object ID.

Set-AzureRmKeyVaultAccessPolicy -VaultName $akvName -ResourceGroupName $resourceGroup -PermissionsToKeys get, create, delete, list, update, import, backup, restore, wrapKey,unwrapKey, sign, verify -ObjectId <user id>
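
One way to obtain the object ID the answer refers to and fail early when the account cannot be resolved. This is an added example, not code from the original post or the tutorial; it assumes the `$akvName` and `$resourceGroup` variables from the question, and the guest-account UPN form `alias_domain#EXT#@tenant` is the usual Azure AD convention rather than something shown on the page.

```powershell
# Added example: resolve the signed-in account to an Azure AD object ID,
# then grant the Key Vault key permissions by -ObjectId instead of UPN.
$ErrorActionPreference = 'Stop'

$ctx = Get-AzureRmContext
if (-not $ctx -or -not $ctx.Account -or -not $ctx.Account.Id) {
    throw 'No signed-in account in the current context. Run Login-AzureRmAccount first.'
}
$signInName = $ctx.Account.Id          # e.g. someone@outlook.com

# 1. Work/school accounts: the sign-in name is the UPN.
$user = Get-AzureRmADUser -UserPrincipalName $signInName -ErrorAction SilentlyContinue

# 2. Microsoft accounts are guests; their UPN is usually
#    alias_domain#EXT#@<tenant>.onmicrosoft.com, so match on that prefix.
if (-not $user) {
    $guestPrefix = $signInName.Replace('@', '_') + '#EXT#'
    $user = Get-AzureRmADUser | Where-Object {
        $_.UserPrincipalName -and
        $_.UserPrincipalName.StartsWith($guestPrefix, [StringComparison]::OrdinalIgnoreCase)
    }
}

# Refuse to continue on zero or ambiguous matches, so the access policy
# is never written for the wrong principal.
if (@($user).Count -ne 1) {
    throw "Expected exactly one directory object for '$signInName' in tenant $($ctx.Tenant.Id), found $(@($user).Count)."
}
$objectId = @($user)[0].Id

# Same key permissions as in the question, granted by object ID.
$keyPermissions = 'get','create','delete','list','update','import','backup',
                  'restore','wrapKey','unwrapKey','sign','verify'
Set-AzureRmKeyVaultAccessPolicy -VaultName $akvName -ResourceGroupName $resourceGroup `
    -ObjectId $objectId -PermissionsToKeys $keyPermissions

# Confirm the policy now lists the principal.
$vault = Get-AzureRmKeyVault -VaultName $akvName -ResourceGroupName $resourceGroup
$vault.AccessPolicies | Where-Object { $_.ObjectId -eq $objectId } |
    Select-Object ObjectId, PermissionsToKeys
```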