无法使用Active Directory从MSSMS连接到Azure SQL-密码 [英] Cannot connect to Azure SQL from MSSMS using Active Directory - Password
问题描述
我是Azure组管理员.
我用于Azure帐户的主要电子邮件是me@mydomain.com(嗯,你知道..)
我向默认目录添加了一个自定义域. = mydomain.com.它显示在列表中为已验证.
我在默认目录中创建了一个称为DBA的AD组.
我将me@mydomain.com添加到了DBA组.
我已将DBA组分配为MyAzureSQLServer的AD SQL管理员. (Azure SQL服务器).
我通过MSSMS进行了委托人查询,并看到了DBA组,以验证其是否已连接.
然后,我尝试使用me@mydomain.com和正确的密码(我在两天前确认,试图进入Azure)使用Active Directory密码从MSSMS登录到MyAzureSQLServer.
之后
我收到以下错误:
===================================
标题:连接到服务器
------------------------------
无法连接到actionmap.database.windows.net.
------------------------------
其他信息:
发生一个或多个错误. (mscorlib)
------------------------------
发生一个或多个错误. (mscorlib)
------------------------------
AADSTS50034:要登录此应用程序,必须将帐户添加到
05907bd6-5198-4caf-a794-f31461d86a8b 目录.
跟踪ID:e271f101-9292-46ee-b841-873eae340300
相关编号:1ce045a5-e70b-4c61-a83f-1665ea5123f3
时间戳记:2018-08-07 22:47:15Z(System.Data)
------------------------------
按钮:
好
------------------------------
=====================================
上面粗体显示的目录ID是默认目录(已确认).
按照此处的说明进行操作:
https://docs.microsoft.com/zh-cn/azure/sql-database/sql-database-aad-authentication
它说
以下成员可以在Azure SQL服务器或SQL数据仓库中预配置Azure AD:
- 本地成员:在Azure AD中在托管域或客户域中创建的成员.有关更多信息,请参见添加
您自己的域名到Azure AD .
...基于此,我认为登录名me@mydomain.com应该能够通过Active Directory-密码访问MyAzureSQLServer,因为自定义域mydomain.com已添加到Azure AD并经过验证. /p>
我在这里可能会想念什么?
谢谢!
The following members of Azure AD can be provisioned in Azure SQL server or SQL Data Warehouse:
- Native members: A member created in Azure AD in the managed domain or in a customer domain. For more information, see Add your own domain name to Azure AD.
... based on that I thought that the login me@mydomain.com should be able to access MyAzureSQLServer through Active Directory - Password, because the custom domain mydomain.com has been added to Azure AD and verified.
What might I be missing here?
Thanks!
解决方案I would suggest you check the Azure AD features and limitations again in referred document. As you mentioned you are providing access on group basis, ensure the Active Directory group created as security group.
这篇关于无法使用Active Directory从MSSMS连接到Azure SQL-密码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!