Blog Post

Modernization Best Practices and Reusable Assets Blog
3 MIN READ

Seamless Cross-Tenant Migration of Azure SQL Databases without Modifying Connection Strings

tyrussel's avatar
tyrussel
Icon for Microsoft rankMicrosoft
Jan 13, 2025

Migrating an Azure SQL Database from one Entra tenant to another can seem like a daunting task, especially when you want to avoid modifying connection strings. However, with the right steps and careful planning, this process can be executed smoothly with minimal downtime. In this blog post, we'll walk you through the process, providing detailed instructions and insights to ensure a seamless migration.

Transferring an Azure SQL Database between tenants involves several steps, but it can be done efficiently without changing your connection strings. There are several reasons why an organization might need to migrate Azure Entra tenants. These can include organizational restructuring, mergers and acquisitions, compliance requirements, or the need to consolidate resources for better management and cost efficiency. This guide outlines the process in a clear and concise manner.

High-Level Overview

The migration process involves the following key steps:

  1. Create a Temporary Subscription in the Source Tenant: This is the initial step where you set up a new subscription in the source tenant.
  2. Move Resources to the Temporary Subscription: Use Azure Resource Mover to transfer the Azure SQL Server and Database to the new subscription.
  3. Transfer the Subscription to the Target Entra Tenant: This involves transferring the billing ownership of the subscription to the target tenant.
  4. Accept the Transfer at the Target Tenant: The target tenant accepts the transfer and completes the necessary verification steps.
  5. Move Resources to the Target Subscription in the Target Tenant: Finally, move the resources to the desired subscription within the target tenant.

 

Detailed Steps

  1. Create a Temporary Subscription in the Source Tenant
    • Navigate to the Azure Portal and create a new subscription (i.e. Pay-As-You-Go) if necessary.
    • Enter your payment information and complete the setup. 
  2. Move Resources to the Temporary Subscription

    • Open Azure Resource Mover and select "Move across subscription".

      •  

    • Create a new Resource Group and add the resources you want to move.

      •  

    • Select Add resources and select your SQL Server and SQL Database resources you want to move

      •  

    • Verify the resources and initiate the move.

      • Note: This can take a few minutes.

  3. Transfer the Subscription to the Target Entra Tenant

    • Select the Pay-As-You-Go subscription and transfer billing ownership to the target tenant's administrator.

      •  

    • Enter the recipient's email address
    • Important: Select 'Move subscription tenant' toggle to 'Yes'

      •  

    • The source administrator will receive an email to confirm the transfer request.

  4. Accept the Transfer at the Target Tenant

    • The target tenant's administrator accepts the transfer and completes the verification process.

      •  

    • Once the transfer is complete, the subscription will appear in the target tenant.

      •  

  5. Move Resources to the Target Subscription in the Target Tenant

    • Use Azure Resource Mover to transfer the Azure SQL Server and Database to the desired subscription within the target tenant.
    • Verify the resources and complete the move.

      •  

 

Post-Transfer Tasks

After the migration, there are a few additional steps and best practices that should be followed to ensure everything is set up correctly:

  • Take Ownership of the Server in the New Tenant: Set the desired Entra ID for the administrator of the SQL Server.
  • Configure Security and Access: Set up necessary security controls and drop any old Entra IDs.
  • Review Firewall Rules: Ensure that firewall rules and any Azure Key Vault configurations are correct.
  • Test the Database: Perform thorough testing to ensure all data and functionalities are intact.

Downtime Planning

During the migration process, it's crucial to plan for minimal downtime. In our testing, we used an application that continuously inserted records into the database, and no loss of connection occurred throughout the transfer.

Little to no downtime can be achieved in this process but only when using SQL Authentication. Because the Entra tenant is changing, any logins based on that tenant will cease to work once the database is moved.

Conclusion

Business conditions often change and can require the movement of Azure SQL Databases across Entra tenants. While this process can often seem daunting, following this can be straightforward if you follow the steps outlined in this guide. Remember to thoroughly test the database after the transfer and update all necessary configurations and security rules to maintain seamless operations.

Feedback

If you have feedback or suggestions for improving this data migration asset, please comment here or contact the Databases SQL Customer Success Engineering Team (datasqlninja@microsoft.com) directly. Thanks for your support!

Note: For additional information about migrating various source databases to Azure, see the Azure Database Migration Guide.

 

Happy Migrating!

Updated Feb 12, 2025
Version 3.0
database platform cse
database platform cse – sql

2 Comments

Sort By
  • msc-msc's avatar
    msc-msc
    Icon for Microsoft rankMicrosoft
    May 07, 2025

    This process has saved hours of work and because it's a metadata operation is quick!  Thanks team!

     

    • tyrussel's avatar
      tyrussel
      Icon for Microsoft rankMicrosoft
      May 07, 2025

      Thanks for your feedback and glad to hear you found this helpful!