impersonation for azure analysis services

rajendar erabathini 606 Reputation points
2021-03-25T13:20:57.453+00:00

Hi - I have deployed the Azure tabular model from Visual studio 2019. I am connecting to Azure Synapse SQL Pool in Data source in legacy mode i.e. it uses SQL query format to get the data from source instead of Power Query. I have to use it since i am just migrating the existing on premise model to cloud including data source which currently in SQL and now in SQL Pool. I have just changed the connecting string. I have used Active Directory Integrated to authenticate the data source. It was processing fine in VS however after deploying to Azure AS server its throwing an error when i process( NO mapping between Account names and Security IDs was done.. The exception was raised by teh IDb Connection interface.). I believe its due to impersonation mode. I believe Azure AS doesn't have any system defined managed identity and its not understanding which service to use to connect data source. Do i need to use SQL Server db credentials instead of "Active Directory Integration" to authenticate the data source. Please provide inputs to resolve this.81538-capture.png
I can't use Windows account and "Credentials of the current user" since my cube is in "In Memory" mode.

Azure Analysis Services
Azure Analysis Services
An Azure service that provides an enterprise-grade analytics engine.
433 questions
0 comments No comments
{count} votes

Accepted answer
  1. Samara Soucy - MSFT 5,051 Reputation points
    2021-03-26T01:15:34.22+00:00

    You are correct that Active Directory Integrated does not work in Azure, with the exception of a Windows VM. Azure AD does have an equivalent of on premises system managed identity, but that feature hasn't yet been added to Azure Analysis Services (you can upvote it on UserVoice if it is something you would like to see). SQL authentication is going to be your best choice currently.

    1 person found this answer helpful.
    0 comments No comments

2 additional answers

Sort by: Most helpful
  1. Judah Kleinveldt 1 Reputation point
    2021-03-25T13:28:52.88+00:00

    Sounds like Azure AD and your prem AD are not speaking to each other, have you mapped all the required users on the On Prem server to Azure AD?

    https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/identity/azure-ad


  2. rajendar erabathini 606 Reputation points
    2021-03-26T05:58:25.37+00:00

    Thanks guys for support. I have managed to fix it using SQL authentication. Unfortunately Microsoft documentation doesn't address the solution for this problem to use SQL authentication in crystal clear way. Thanks!

    0 comments No comments