Azure SQL Active Directory集成身份验证,联合域

时间:2016-09-01 05:19:12

标签: sql-server azure authentication active-directory

我无法使用Active Directory集成身份验证连接到Azure SQL Server。尝试进行身份验证时,我会收到以下错误消息。

任何有关如何进一步确定此问题的想法都会受到关注。

干杯

无法连接到XXXXXXX.database.windows.net。

===================================

无法在Active Directory中验证用户NT Authority \ Anonymous Logon(Authentication = ActiveDirectoryIntegrated)。 错误代码0xCAA9002C;国家10 无法解析XML blob。 原因:XML文档必须具有顶级元素。 行:0,位置:0 文字:(null)(。Net SqlClient数据提供者)

如需帮助,请点击:http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=0&LinkId=20476

服务器名称:XXXXXXX.database.windows.net 错误号码:0 严重程度:11 州:0 过程:ADALGetAccessToken

计划地点:

   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, DbConnectionPool pool, String accessToken, Boolean applyTransientFaultHandling)
   at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionFactory.TryGetConnection(DbConnection owningConnection, TaskCompletionSource`1 retry, DbConnectionOptions userOptions, DbConnectionInternal oldConnection, DbConnectionInternal& connection)
   at System.Data.ProviderBase.DbConnectionInternal.TryOpenConnectionInternal(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.ProviderBase.DbConnectionClosed.TryOpenConnection(DbConnection outerConnection, DbConnectionFactory connectionFactory, TaskCompletionSource`1 retry, DbConnectionOptions userOptions)
   at System.Data.SqlClient.SqlConnection.TryOpenInner(TaskCompletionSource`1 retry)
   at System.Data.SqlClient.SqlConnection.TryOpen(TaskCompletionSource`1 retry)
   at System.Data.SqlClient.SqlConnection.Open()
   at Microsoft.SqlServer.Management.SqlStudio.Explorer.ObjectExplorerService.ValidateConnection(UIConnectionInfo ci, IServerType server)
   at Microsoft.SqlServer.Management.UI.ConnectionDlg.Connector.ConnectionThreadUser()

2 个答案:

答案 0 :(得分:0)

登录联盟域中的计算机后,我正在使用SSMS进行连接。

尝试连接时,错误将返回给SSMS。

我假设Azure SQL Server可以通过调用Procedure:ADALGetAccessToken来识别用户来自联合域吗?

感谢

中号

答案 1 :(得分:0)

我最近遇到了类似的问题,并指出我们的Azure实例需要MFA登录。 Blob实际上是强制响应的HTML登录页面。