MasterKey Class

  • Article

The MasterKey object represents a SQL Server database master key.

Namespace: Microsoft.SqlServer.Management.Smo
Assembly: Microsoft.SqlServer.Smo (in microsoft.sqlserver.smo.dll)

Syntax

'Declaration
Public NotInheritable Class MasterKey
    Inherits SqlSmoObject
    Implements IDroppable

public sealed class MasterKey : SqlSmoObject, IDroppable

public ref class MasterKey sealed : public SqlSmoObject, IDroppable

public final class MasterKey extends SqlSmoObject implements IDroppable

public final class MasterKey extends SqlSmoObject implements IDroppable

Remarks

Updated text:

A database master key is used to symmetrically encrypt keys and certificates that are stored in the database. A database master key can be encrypted by using the service master key or by using a user-specified password. When a database master key is created, a password must be supplied to encrypt and decrypt it.

When a database is being attached to an instance of SQL Server, the database administrator must either supply the master key password or make an unencrypted copy of the master key that is available for encryption with the service master key.

The service master key is the lop layer in the encryption hierarchy that is used to encrypt lower layers in the encryption hierarchy. The service master key is generated automatically by Windows. It can be opened only by the Windows service account under which it was created, or by a user who knows both the service account name and its password.

This namespace, class, or member is supported only in version 2.0 of the Microsoft .NET Framework.

To get MasterKey object properties, users can be a member of the public fixed server role.

To set MasterKey object properties, users must have CONTROL permission on the database or be a member of the db_owner fixed database role.

To create or drop a master key, users must have CONTROL permission on the database or be a member of the db_owner fixed database role.

To open or regenerate a master key, users must have CONTROL permission on the database or be a member of the db_owner fixed database role.

To add or drop service key encryption, users must have CONTROL permission on the database or be a member of the db_owner fixed database role.

To drop a master key, users can be a member of the public fixed server role.

Inheritance Hierarchy

System.Object
   Microsoft.SqlServer.Management.Smo.SmoObjectBase
     Microsoft.SqlServer.Management.Smo.SqlSmoObject
      Microsoft.SqlServer.Management.Smo.MasterKey

Thread Safety

Any public static (Shared in Microsoft Visual Basic) members of this type are thread safe. Any instance members are not guaranteed to be thread safe.

Platforms

Development Platforms

For a list of the supported platforms, see Hardware and Software Requirements for Installing SQL Server 2005.

Target Platforms

For a list of the supported platforms, see Hardware and Software Requirements for Installing SQL Server 2005.

See Also

Reference

MasterKey Members
Microsoft.SqlServer.Management.Smo Namespace

Other Resources

Encryption Hierarchy
CREATE MASTER KEY (Transact-SQL)

Change History

Release

History
New content:

  • Added description of Service Master Key in the description..