Skip to main content

[en] Azure Active Directory Managed Service Identity

[en] This article shows how to authenticate with an Azure AD identity by using a system-assigned or user-assigned managed identity.

[en] Common Prerequisites

  • [en] Available account in Azure Active Directory.

  • [en] Available Azure MS SQL server.

  • [en] Azure Active Directory is set to centrally manage identity and access to Azure SQL Database.

  • [en] Installed MS ODBC Driver for SQL Server. The current version is 17.

  • [en] Azure Managed Identity created. Object (principal) ID is stored.

  • [en] The user that corresponds to the Managed Identity is created in the SQL Database and the proper role is assigned to the user.

  • [en] The created identity is assigned to a virtual machine that runs in Azure.

[en] For more information, see the What are managed identities for Azure resources? article on the Microsoft documentation portal.

[en] DSN Connection

[en] You can connect with DNS using Data Connection Manager (DCM) or without it.

[en] Prerequisites: User or System DSN is configured in ODBC data source manager to use Azure Managed Service Identity authentication.

[en] DSN Connection without DCM

  1. [en] Place the Input Data tool on the Designer canvas.

  2. [en] Select the down arrow in the Connect a File or Database field.

  3. [en] From Data Sources, choose Microsoft Azure SQL Database - ODBC.

  4. [en] Choose DSN created in the preconditions from the dropdown.

  5. [en] There is no need to enter the User ID and Password.

  6. [en] Choose any table from your database in the Query Builder.

  7. [en] Select OK.

[en] DSN Connection Using DCM

  1. [en] Make sure that DCM is enabled.

  2. [en] Place the Input Data tool on the Designer canvas.

  3. [en] Below the Connect a File or Database field, select Set Up a Connection.

  4. [en] Choose Microsoft Azure SQL Database - ODBC from Data Sources.

  5. [en] Select the Add Data Source button.

  6. [en] Enter a descriptive Data Source Name.

  7. [en] Enter the name of DSN created in ODBC Data source manager and select Save.

    Enter DNS name

  8. [en] Select Connect Credential.

  9. [en] For Authentication Method select No Credentials.

  10. [en] Select Link.

    Click Link

  11. [en] Select Connect.

    Click Connect

  12. [en] Choose any table from your database in the Query Builder.

  13. [en] Select OK.

[en] DSN-less Connection

[en] You can establish a DSN-less connection using Data Connection Manager (DCM) or without it.

[en] DSN-less Connection without DCM

  1. [en] Place Input Data tool on Designer canvas.

  2. [en] Enter this connection string in the Connect a File or Database field:

    [en] odbc:Driver={ODBC Driver 17 for SQL Server};Server=tcp:<_your_server_>,1433;Database=<_your_database_>;Uid=<_your_user_id_>;Authentication=ActiveDirectoryMsi

    [en] Replace the text between <> with actual values.

  3. [en] Select the 3 dot icon next to the Table or Query option.

  4. [en] Choose any table from your database in the Query Builder.

  5. [en] Select OK.

[en] DSN-less Connection Using DCM

  1. [en] Make sure that DCM is enabled.

  2. [en] Place the Input Data tool on the Designer canvas.

  3. [en] Below Connect a File or Database field select Set Up a Connection.

  4. [en] Choose Microsoft SQL Server - Quick connect from Data Sources.

  5. [en] Select the Add Data Source button.

  6. [en] Provide a descriptive name for Data Source Name, actual server, and database name.

  7. [en] Make sure the Driver is set to ODBC Driver 17 for SQL Server.

  8. [en] Select the Save button.

    Click Save

  9. [en] Select Connect Credential.

  10. [en] Choose or provide Azure Managed Service Identity for Authentication Method and select Link.

  11. [en] Select Create New Credential.

  12. [en] Enter a descriptive Credential Name and Object ID.

  13. [en] Select the Create and Link button.

    Click Create

  14. [en] Select Connect.

    Click Connect

  15. [en] Choose any table from your database in the Query Builder.

  16. [en] Select OK.

: