Connect to Azure SQL DB using Active Directory Integrated Authentication in SSMS RRS feed

  • Question

  • Hello,

    I am unable to get Active Directory Integrated Authentication working and am hoping for some guidance with respect to what try next in order to get integrated authorization to work correctly.   

    Here is an overview of our environment:

    * Azure SQL DB - v12
    * Azure Active Directory
    * Trust between Azure AD and ADFS
    * Azure AD Connect 
    * SSMS 2016 RC 1
    * Followed set up instructions outlined in Azure Documentation

    When trying to use AD Integrated Auth in SSMS, here is an error message:

       Failed to authenticate the user NT Authority\Anonymous Logon in Active Directory (Authentication=ActiveDirectoryIntegrated).

       Error code 0xCAA90018; state 10

        Could not discover a user realm. (.Net SqlClient Data Provider)

    SSMS is running on a domain joined computer and I'm connected to it as a user who is synchronized with AAD and is a member of the Azure AD Admin Group for the Azure sql server.

    (I can connect using Active Directory Password Authentication without error. )

    Any help would be greatly appreciated.  Thanks!

    • Edited by j. bush Friday, April 8, 2016 12:28 AM
    Friday, April 8, 2016 12:26 AM

All replies

  • Hello-

    Could you please download and install the latest version of ADALSQL.dll using the main doc you have mentioned above?  This is the communication library between Azure AD and Azure SQL Server.

    Once this is done please re-run your test.

    If the problem persists, please contact  SQLAzureADAuth@microsoft.com  alias to discuss further steps.

    Mirek Sztajno, Senior Program Manager SQL Server Security  

    Friday, April 8, 2016 6:34 PM
  • Thanks.

    I downloaded and installed the latest version of ADALSQL.dll and the problem remains.

    I will contact SQLAzureADAuth

    Thank you.

    Friday, April 8, 2016 6:58 PM