[英]SSMS and Active Directory Authentication doesn't work with Azure SQL and non-Azure SQL
So we have Azure AD synced with our on-premise domain. 因此,我们已将Azure AD与内部部署域同步。 We have an Azure SQL Server configured with the active directory admin.
我们有一个使用活动目录admin配置的Azure SQL Server。 We also have a non Azure SQL server running on a virtual machine in Azure that is domain joined to this same domain.
我们也有一个非Azure SQL服务器在Azure的虚拟机上运行,该虚拟机已加入该域。 The following are the results of using the various authentication mechanisms offered by SQL Management Studio (SSMS).
以下是使用SQL Management Studio(SSMS)提供的各种身份验证机制的结果。 Can someone explain why the failures occur with the various options that should be supported?
有人可以用各种应支持的选项解释为什么会发生故障吗?
Facts about environment: 关于环境的事实:
Domain joined client connecting to Azure SQL from SSMS 域加入客户端从SSMS连接到Azure SQL
Failure when client is standard domain joined client 客户端是标准域加入客户端时失败
Failure when client is Azure domain joined client 客户端为Azure域加入客户端时失败
Domain joined client connecting to non-Azure SQL hosted on same domain 已加入域的客户端连接到同一域上托管的非Azure SQL
This issue may be related with the AD Syncing options. 此问题可能与“ AD同步”选项有关。 Verify in your environment that AD is not syncing passwords into the tenant.
在您的环境中验证AD是否未将密码同步到租户中。 This prevents AD Integration Authentication and AD Password Authentication.
这样可以防止AD集成身份验证和AD密码身份验证。 The only authentication that works on these cases is AD Universal Authentication, as your test shows.
如测试所示,在这些情况下唯一适用的身份验证是AD通用身份验证。
It looks to me that his is an ADAL problem (WSTrust) related to network configuration. 在我看来,他是与网络配置有关的ADAL问题(WSTrust)。 Please create a support case and work with the support team to solve this problem
请创建一个支持案例并与支持团队一起解决此问题
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.