sql-server - 尝试使用 powershell 使用服务主密钥加密数据库主密钥

问题描述

我正在尝试使用 powershell 使用服务主密钥加密 SQL Server 主数据库中的主密钥。

主密钥详细信息使用 SMO 列出，如下所示。

$instanceName = "sqlinstance"
$server = New-Object -TypeName Microsoft.SqlServer.Management.Smo.Server -ArgumentList $instanceName

$databasename = "master"
$database = $server.Databases[$databasename]
$database.MasterKey

***************************************************************************
CreateDate          : 7/20/2018 5:01:25 AM
DateLastModified    : 7/20/2018 5:01:25 AM
IsEncryptedByServer : False
IsOpen              : False
Parent              : [master]
Urn                 : 
Server[@Name='sqlinstance']/Database[@Name='master']/MasterKey
Properties          : 
{Name=CreateDate/Type=System.DateTime/Writable=False/Value=07/20/2018 
05:01:25,

Name=DateLastModified/Type=System.DateTime/Writable=False/Value=07/20/2018 
05:01:25,

Name=IsEncryptedByServer/Type=System.Boolean/Writable=False/Value=False,
                  Name=IsOpen/Type=System.Boolean/Writable=False/Value=False}
ExecutionManager    : Microsoft.SqlServer.Management.Smo.ExecutionManager
UserData            :
State               : Existing
IsDesignMode        : False
***************************************************************************

Master Key 有一个方法，AddServiceKeyEncryption()，如此处所述。

我正在尝试使用这种方法，如下所示。但是，它会抛出一个错误，该错误位于命令下方。

$database.MasterKey.AddServiceKeyEncryption()
***************************************************************************
Exception calling "AddServiceKeyEncryption" with "0" argument(s): "Add 
encryption failed for MasterKey
'Microsoft.SqlServer.Management.Smo.ObjectKeyBase'. "
At line:1 char:1
+ $database.MasterKey.AddServiceKeyEncryption()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : FailedOperationException
***************************************************************************

有人可以在这里帮忙吗。

添加完整错误：

PSMessageDetails      :
Exception             : 
System.Management.Automation.MethodInvocationException: Exception calling
                    "AddServiceKeyEncryption" with "0" argument(s): "Add 
encryption failed for MasterKey
                    'Microsoft.SqlServer.Management.Smo.ObjectKeyBase'. " --- 
>

Microsoft.SqlServer.Management.Smo.FailedOperationException: Add encryption 
failed for
                    MasterKey 
'Microsoft.SqlServer.Management.Smo.ObjectKeyBase'.  --->

Microsoft.SqlServer.Management.Smo.InvalidSmoOperationException: You cannot 
execute this
                    operation since the object has not been created.
                       at 
Microsoft.SqlServer.Management.Smo.SqlSmoObject.CheckObjectStateImpl(Boolean
                    throwIfNotCreated)
                       at 
Microsoft.SqlServer.Management.Smo.MasterKey.AddServiceKeyEncryption()
                       --- End of inner exception stack trace ---
                       at 
Microsoft.SqlServer.Management.Smo.MasterKey.AddServiceKeyEncryption()
                       at CallSite.Target(Closure , CallSite , Object )
                       --- End of inner exception stack trace ---           
at System.Management.Automation.ExceptionHandlingOps.ConvertToMethodInvocationException(Exception
                    exception, Type typeToThrow, String methodName, Int32 numArgs, MemberInfo memberInfo)
                       at CallSite.Target(Closure , CallSite , Object )
                       at System.Dynamic.UpdateDelegates.UpdateAndExecute1[T0,TRet](CallSite site, T0 arg0)
                       at System.Management.Automation.Interpreter.DynamicInstruction`2.Run(InterpretedFrame frame)
                       at
                    System.Management.Automation.Interpreter.EnterTryCatchFinallyInstruction.Run(InterpretedFrame
                    frame)
TargetObject          :
CategoryInfo          : NotSpecified: (:) [], MethodInvocationException
FullyQualifiedErrorId : FailedOperationException
ErrorDetails          :
InvocationInfo        : System.Management.Automation.InvocationInfo
ScriptStackTrace      : at <ScriptBlock>, <No file>: line 1
PipelineIterationInfo : {}

标签： sql-serverpowershell-2.0tde