Azure AD user unable to connect to Azure SQL Error: 18456,State:1,Class:14
Question
BACKGROUND
The user is defined in Azure AD and in Azure SQL.
-
test.user@company.comis defined and active in Azure AD. I'm able to log in with this user in Azure portal. - I have created a contained database user with the clause "from external provider" in the Azure SQL database and added the user to the
db_datareadersystem role. The commands commits without error. I have compared the Asset ID in Azure AD and the SID in database and they match. I have tried with different users. - I am able to login as an AD User assigned to the SQL servers assigned "Active Directory Admin"
- SQL Server users also login without any issue
Login test in SSMS
I have set default database to the specific database I'm trying to log into (Options-Connect to database).
I have tried with different Authentication modes:
- “Azure Active Directory – Universal with MFA” and
- “Azure Active Directory – Password”
When I try to login with SSMS I get
Error: 18456, state 1, class 14.
When I query [sys].[event_log] it returns
[event_systype]= 4, [event_subtype_desc] = login_failed_for_user.
PROCESS FOLLOWED
I have a user defined in Azure AD. (test.user@company.com)
In my Azure SQL database, I have set an Active Directory administrator.
I have created a user in SSMS test.user@company.com with the following syntax:
CREATE USER [test.user@company.com] FROM EXTERNAL PROVIDER;I have assigned the user to the
db_datareaderrole with the following syntax:ALTER ROLE db_datareader ADD MEMBER [test.user@company.com]ISSUE: When I try to connect as
test.user@company.com, the connection fails and I get this error:Login Failed for user test.user@company.com
Details of error contains:
Error Number: 18456, State: 1, Class: 14
I have tried to find an answer on docs.microsoft.com, googled my ass off and found some useful resources on this, but none that actually helps me with pinpointing what to do to resolve the issue. If anybody have an Idea of what I'm doing wrong, ref "PROCESS FOLLOWED" I'd be forever grateful:)
2 answers
solution1
0 ACCPTED 2020-12-09 20:22:29
I solved it by a workaround, setting up a new database. I did not find the cause of the problem, but it must be related to database setup "DTU"-"Basic" or some setting that I have managed to set without remembering. Anyways, my process works when I set up a new database with "DTU"-"Standard" Configuration.
solution2
0 2021-11-09 04:07:49
It seems to be some kind of encoding problem. After almost giving up and using a different DB, I tried creating a new one, but without some special characters . And suddenly, it worked.
If you can't change your database's password, you can just edit the connection string in another editor and it works as well (Notepad, VS code, etc).
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.