...
To use the Azure Active Directory authentication mode, you need to :
...
Ńonfigure Azure AD with Azure Managed Instance.
Active Directory Integrated Authentication
Active Directory Integrated Authentication is a mechanism of connecting to Azure SQL Managed Instance by using the Azure Directory integrated mode.
To use the Active Directory Integrated Security authentication option, follow these steps:
On your client machines, from which your applications or users connect to Azure MI using Azure AD identities, install the following software:
.NET Framework 4.6 or later from https://msdn.microsoft.com/library/5a4x27ek.aspx.
Azure Active Directory Authentication Library for SQL Server (ADAL.DLL).
Install the latest OLE DB driver that contains the ADAL.DLL libraryYou can install the adal.dll file from Microsoft ODBC Driver for SQL Server or Microsoft OLE DB Driver for SQL Server.
| Info |
|---|
For more information about requirements, see Configure your client computers. |
Check whether you can see the
adal.dllfile in theC:\Windows\System32andC:\Windows\SysWOW64folders, which is needed for the Active Directory Integrated connection. Theadal.dllfile will be automatically added to these folders after you install the OLE DB driver.
| Info |
|---|
In case you have issues with the |
...
...
. |
To use the Active Directory Integrated Security authentication option, follow these steps:
Ensure that you federated the on-premise Active Directory Federation Services (AD FS) with the Azure Active Directory in the cloud.
Make the connection from a domain-joined machine that is connected with Azure Active Directory. Additionally, a database user representing your Azure Active Directory principal, or one of the groups to which the user belongs, needs to exist in the database and have the
CONNECTpermission.
| Info |
|---|
You can access Azure SQL Managed Instance without entering credentials when you are logged in to a domain-joined machine. |
...
As Azure Active Directory Password Authentication is a mechanism for connecting to Azure SQL Managed Instance by using identities in Azure Active Directory, you can connect to applications by using an Azure Active Directory username and password.
To connect using the Active Directory Password authentication, follow these steps:
Ensure that you federated the on-premise Active Directory Federation Services (AD FS) with the Azure Active Directory in the cloud.
Make the connection from a domain-joined machine that is connected with Azure Active Directory. Additionally, a database user representing your Azure Active Directory principal, or one of the groups to which the user belongs, needs to exist in the database and have the
CONNECTpermission.
| Info |
|---|
You can access Azure SQL Managed Instance without entering credentials when you are logged in to a domain-joined machine. |
3. Run the following scripts:
| Code Block |
|---|
CREATE LOGIN [testuser@onmicrosoft.com] FROM EXTERNAL PROVIDER;
CREATE USER [testuser@onmicrosoft.com] FOR LOGIN [testuser@onmicrosoft.com];
ALTER ROLE [db_datareader] ADD MEMBER [testuser@onmicrosoft.com];
ALTER ROLE [db_datawriter] ADD MEMBER [testuser@onmicrosoft.com];
ALTER ROLE [db_ddladmin] ADD MEMBER [testuser@onmicrosoft.com]; |
| Info |
|---|
For more information about the configuration of the |
To create a connection with the Active Directory Password mode in Datical DB, select the following:
...
Also, enter your hostname, port, application name, database name, instance name, username, and password.
| Info |
|---|
For more information about the configuration of the |
Active Directory MSI Authentication
...