SSMS中AD用户的Azure SQL授权访问 [英] Azure SQL Grant Access for AD User in SSMS
问题描述
我为我们的azure sql服务器设置了一个azure广告管理员(全局管理员),现在我试图授予广告用户对sql数据库的访问权限. 我按照此视频中的说明进行操作 https://www.youtube.com/watch?v=pEPyPsGEevw ,因为我没有找到更好的选择. 如视频中所述,我在目标数据库上下文中创建了一个查询:
I set an azure ad admin (global admin) for our azure sql server, now i tried to grant a ad user access to the sql database. I followed the instructions in this video https://www.youtube.com/watch?v=pEPyPsGEevw, because i didn't found a better explenation. As described in the video, i created a query in the target database context:
CREATE USER [user@domain.com] FROM EXTERNAL PROVIDER
信息33134,第16级,状态1,第1行 主体"user@domain.com"无法解析.错误消息:'urn:ietf:params:oauth:grant-type:jwt-bearer'授予类型需要'AADSTS7000219:'client_assertion'或>'client_secret'. 跟踪ID:95da6617-732c-42bf-b74b-40a4fdffe000 相关编号:cf4b894f-f945-492c-a77f-e2976ac72eab 时间戳:2020-06-09 17:58:48Z
Msg 33134, Level 16, State 1, Line 1 Principal 'user@domain.com' could not be resolved. Error message: 'AADSTS7000219: 'client_assertion' or > 'client_secret' is required for the 'urn:ietf:params:oauth:grant-type:jwt-bearer' grant type. Trace ID: 95da6617-732c-42bf-b74b-40a4fdffe000 Correlation ID: cf4b894f-f945-492c-a77f-e2976ac72eab Timestamp: 2020-06-09 17:58:48Z
当我在主数据库中尝试相同的方法时,它会起作用.
When i try the same in master db, it works.
出了什么问题?还是您可以向我提供逐步指南的来源?我没有找到真正好的描述...
What goes wrong? Or could you provide me a source of a step by step guide? I didn't found a real good description...
推荐答案
在英国南部地区遇到完全相同的问题.
Experiencing exactly the same issue in the UK South region.
这不是解决方法,但似乎可以为我解决问题(即可以解决).要解决:
This isn't a fix, but it seems to resolve the issue for me (i.e. it's a work around). To fix:
- 将数据库扩展到至少S3,
- 应用更改
- 然后将其缩放回所需的水平.
应应用更改.
当我们最初尝试创建AAD用户/组时,我们的数据库位于S0,并且收到与上述完全相同的错误.
Our database was at S0 when we tried to create the AAD users/groups initially and we received exactly the same error as pointed out above.
这篇关于SSMS中AD用户的Azure SQL授权访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!