Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • Microsoft SQL Server with the SQL Authentication and Integrated Security

  • Azure SQL Database and Azure SQL Managed Instance with:

    • SQL Authentication

    • Active Directory Integrated Authentication

    • Active Directory Password Authentication

    • Active Directory MSI Authentication

SQL Authentication

SQL Authentication refers to the authentication of a user when connecting to Azure SQL Managed Instance and using username and password.

...

  • Username

  • Password

  • Hostname

  • Port

  • Database name

  • Instance name

Azure Active Directory Authentication

The Azure Active Directory authentication refers to the authentication of a user when connecting to Azure SQL Managed Instance and using identities in Azure Active Directory.

Prerequisites

To use the Azure Active Directory authentication mode, you need to сonfigure Azure AD with Azure Managed Instance.

Active Directory Integrated Authentication

Active Directory Integrated Authentication is a mechanism of connecting to Azure SQL Managed Instance by using the Azure Directory integrated mode.

...

Also, enter your hostname, port, application name, database name, and instance name.

Active Directory Password Authentication

As Azure Active Directory Password Authentication is a mechanism for connecting to Azure SQL Managed Instance by using identities in Azure Active Directory, you can connect to applications by using an Azure Active Directory username and password.

...

Info

For more information about the configuration of the ActiveDirectoryPassword authentication, see Connecting using ActiveDirectoryPassword authentication mode.

Active Directory MSI Authentication

You can use Active Directory MSI Authentication for connection from inside an Azure Resource with the Identity feature.

...

To create a connection with the Active Directory MSI mode in Datical DB, select the following:

  1. Ensure that you federated the on-premise Active Directory Federation Services (AD FS) with the Azure Active Directory in the cloud.

  2. Make the connection from a domain-joined machine that is connected with Azure Active Directory. Additionally, a database user representing your Azure Active Directory principal, or one of the groups to which the user belongs, needs to exist in the database and have the CONNECT permission.

Info

You can access Azure SQL Managed Instance without entering credentials when you are logged in to a domain-joined machine.

3. Run the following scripts:

Code Block
CREATE LOGIN [testuser@onmicrosoft.com] FROM EXTERNAL PROVIDER;

CREATE USER [testuser@onmicrosoft.com] FOR LOGIN [testuser@onmicrosoft.com];

ALTER ROLE [db_datareader] ADD MEMBER [testuser@onmicrosoft.com];

ALTER ROLE [db_datawriter] ADD MEMBER [testuser@onmicrosoft.com];

ALTER ROLE [db_ddladmin] ADD MEMBER [testuser@onmicrosoft.com];

To create a connection with the Active Directory MSI mode in Datical DB, select the following:

  • Connection Type - Azure SQL Managed Instance

  • Security -Active Directory MSI Authentication

...