我在通過Azure Active Directory向Azure SQL數據庫進行身份驗證時遇到問題。使用Azure Active Directory在Azure SQL數據庫中進行身份驗證B2C
我非常以下我發現這裏的指令:使用Azure的Active Directory驗證連接到SQL數據庫] [https://azure.microsoft.com/en-us/documentation/articles/sql-database-aad-authentication/]
我能夠使用本地主機和OpenID Azure中的Active Directory進行身份驗證。我可以註冊,登錄和註銷。我以用戶的身份使用了「[email protected]」(實際電子郵件已更改),並且我可以通過登錄來獲得授權代碼和id_token。我還添加了「[email protected]」作爲我的SQL數據庫的Active Directory管理員,並將我的計算機的IP地址添加到防火牆設置。
我試圖與 「[email protected]」 使用Microsoft SQL Server Management Studio來進行身份驗證,但我收到此錯誤信息:
===================================
Cannot connect to abc.database.windows.net.
===================================
Failed to authenticate the user [email protected] in Active Directory (Authentication=ActiveDirectoryPassword).
Error code 0xCAA90018; state 10
Could not discover a user realm. (.Net SqlClient Data Provider)
------------------------------
For help, click: http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=0&LinkId=20476
------------------------------
Server Name: abc.database.windows.net
Error Number: 0
Severity: 11
State: 0
Procedure: ADALGetAccessToken
------------------------------
Program Location:
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, DbConnectionPool pool, String accessToken, Boolean applyTransientFaultHandling)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
at System.Data.SqlClient.SqlConnection.Open()
at Microsoft.SqlServer.Management.SqlStudio.Explorer.ObjectExplorerService.ValidateConnection(UIConnectionInfo ci, IServerType server)
at Microsoft.SqlServer.Management.UI.ConnectionDlg.Connector.ConnectionThreadUser()
這裏是我的假Azure的設置:
Azure Active Directory B2C
Directory domain: xyz.onmicrosoft.com
Azure SQL Server
Name: abc.database.windows.net
Server version: V12
Number of databases: 1
Database name: def
Dababase pricing tier: S0 Standard
我還將包含SQL數據庫和服務器的訂閱設置爲與上述相同的Active Directory。
我讀過一些關於「包含數據庫」和「包含數據庫用戶」的內容,我可能需要2個數據庫:「主數據庫」和「用戶數據庫」,但我不明白這一切,特別是在Azure SQL數據庫的上下文中。下面是我讀的環節之一,但不完全瞭解:
[https://msdn.microsoft.com/library/ff929188.aspx] [包含數據庫用戶 - 讓您的數據庫移植]
我會後下面的各個環節,因爲因此深得讓我發佈超過2個鏈接。
下面是其他連接:[https://technet.microsoft.com/library/ff929071.aspx] [包含的數據庫] [https://azure.microsoft。 [Azure SQL數據庫安全指南和限制] –
**更新** 我有圖片: [登錄嘗試1] [http: //i.stack.imgur.com/qiqUg.png] [登錄嘗試2] [http://i.stack.imgur.com/8u9oZ.png] [error message] [http://i.stack.imgur.com/MqwJS.png] 使用我的假的,不存在的信息的錯誤消息與當我使用我的實際「服務器名稱」和「用戶名「,所以也許這意味着什麼? –