locked
##MS_DatabaseMasterKey## on user database RRS feed

  • Question

  • Hi,

    I run the query on one of our user databases (not MASTER) and found Database Master Key (##MS_DatabaseMasterKey##) on it. 

    USE AdventureWorks
    SELECT * FROM sys.symmetric_keys

    I know that master database should have this key together with Service Master Key, but what Database Master key is doing on user database?

    Can this key be deleted?

    Can I check any associations to that key?

    User database is not encrypted.

    Thanks

    Tuesday, December 29, 2015 10:57 AM

Answers

  • That is a database master key. There may be other keys that are protected by this key. (And you will be told if you try to drop it.)

    You can check whether anything is encrypted by the key with this query:

    SELECT * FROM sys.key_encryptions WHERE crypt_type = 'ESKM'

    Tuesday, December 29, 2015 10:26 PM

All replies

  • http://blog.sqlauthority.com/2009/04/28/sql-server-introduction-to-sql-server-encryption-and-symmetric-key-encryption-tutorial-with-script/

    Please click Mark As Answer if my post helped.

    Tuesday, December 29, 2015 2:37 PM
  • That is a database master key. There may be other keys that are protected by this key. (And you will be told if you try to drop it.)

    You can check whether anything is encrypted by the key with this query:

    SELECT * FROM sys.key_encryptions WHERE crypt_type = 'ESKM'

    Tuesday, December 29, 2015 10:26 PM