This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 74%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBS%3C/text%3E%3C/svg%3E)
Dear Experts,
as part of a migration project I am trying to connect Azure AS Tabular to Azure SQL through Database Gateway and Private Endpoint.
(This method was actually recommended by Microsoft experts to be able to use only Private Endpoint and disable Public Access to Azure SQL).
Without Database Gateway and Private Endpoint, the following worked for me:
Side note, Powershell Get-AzAccessToken does not return Refresh Token, only access token. Strange.
But my first question is, exactly what authentication kinds are availabe in this scenario without Database Gateway?
Because I could not find a list anywhere. Tried the list of values found for ADO with and without spaces (ActiveDirectoryPassword, Active Directory Password, Active Directory MFA, Active Directory Default, Active Directory Integrated etc.) but for all listed ones the following error appearead at data load time:
Error returned: '<ccon>The data source kind doesn't support the credential type. Data source kind: SQL. Credential type: ActiveDirectoryPassword.</ccon>. The exception was raised by the IDbConnection interface.
After connecting through Database Gateway + Private link, even the OAuth2 stops working with this error message:
<ccon>The server name provided doesn't match the server name on the SQL Server SSL certificate. Please see https://go.microsoft.com/fwlink/?LinkId=394782. (Source at INSTANCE.privatelink.database.windows.net;DBNAME.)</ccon>. The exception was raised by the IDbCommand interface.
The link points to ADO.Net Data Provider What's new page, no actual information about the problem.
Tried Googling, crawled Microsoft Learn links, ADO, SSAS, ASQL resources, no actual luck.
So my second question is, has anyone faced the same error? If so, could you please point me to the right direction?
Any help is greatly appreciated.
Barna
Hi, @BarnabasSipos-5600 Welcome to the Microsoft Q&A forum, Thanks for posting your question.
Does this work if there is no private endpoint.? what FQDN are you trying to connect to? Please confirm.
Regards
Geetha
Hi Geetha,
Thanks for taking care of this case.
Without Private Endpoint I confirm it works, using both of the above mentioned credential part in Tabular Data Source XMLA definition, while with Private Endpoint it works only with username+pass DB auth.
Without Private Endpoint the FQDN used is SERVERNAME.database.windows.net.
Using Private Endpoint it is SERVERNAME.privatelink.database.windows.net.
Should any more information needed, I am happy to provide.
Cheers,
Barna
@Barnabas Sipos Sorry for the delay in my response
you should use the same FQDN regardless of the private link or not. SSL will fail since the SSL cert does not contain an entry for *.privatelink.database.windows.net. The “private link” FQDN is not to be used directly.
Please let me know if you need any additional information.
Regards
Geetha
Thanks for taking the time to answer.
I will test it the following days and get back with the result.
Best regards,
Barna
@Barnabas Sipos Sure Thanks for your response .
Regards
Geetha
Hi Geetha,
thanks again for your answer.
I have tested and confirm that OAuth2 authentication is working with Private Endpoint using the original FQDN (NOT containing "privatelink" part) between Azure AS and Azure SQL.
Regards,
Barna
@Barnabas Sipos Thanks for confirming if the above suggestion was helpful. If this answers your query, do click Accept Answer and Up-Vote for the same. And, if you have any further query do let us know.
Regards
Geetha