Hi Lakshmi Narayana Sarma Bhamidipati,
Thanks for reaching out to Microsoft Q&A.
To fetch Azure Active Directory (AD) data such as AD Users and AD Groups into Azure Data Lake Storage (ADLS), you can try the following approaches:
Approach 1:
Configure Azure AD for LDAP Authentication:
Enable LDAP on your Azure AD tenant and configure your LDAP client to use Azure AD as the authentication source.
Use Azure AD Connect:
Install Azure AD Connect to synchronize your local AD with Azure AD and configure an LDAP connector.
Query AD Data:
Use T-SQL with OPENROWSET or ADSDSOObject to access user data from LDAP.
Synchronize with AD LDS:
Configure Azure AD Connect with Active Directory Lightweight Directory Services (AD LDS) for synchronization.
These steps will help you integrate AD data into ADLS using the configured LDAP server.
Approach 2:
Step 1: Register an Application in Azure AD
- Go to the Azure portal and navigate to Azure Active Directory.
- Under App registrations, click on New registration.
- Provide a name for the application, select the supported account types, and click Register.
- Once the app is registered, note down the Application (client) ID and Directory (tenant) ID.
- Under Certificates & secrets, create a new client secret and note it down.
Step 2: Set API Permissions for the App
- In the registered app, go to API permissions.
- Click on Add a permission and select Microsoft Graph.
- Add the necessary permissions to read users and groups (e.g., User.Read.All, Group.Read.All).
- Grant admin consent for the permissions.
Step 3: Create a Linked Service in Azure Data Factory
- Go to the Azure portal and navigate to Azure Data Factory.
- In your Data Factory, go to Manage and then Linked Services.
- Click on New and select Azure Data Lake Storage Gen2.
- Provide the necessary details to connect to your ADLS account.
Step 4: Create a Linked Service for Azure AD
- In the same Linked Services section, create a new linked service.
- Select HTTP as the type.
- Configure the HTTP linked service to connect to the Microsoft Graph API:
  - Base URL: https://graph.microsoft.com/v1.0/
  - Authentication type: Service Principal
  - Tenant: Your Azure AD tenant ID
  - Service Principal ID: Your Application (client) ID
  - Service Principal Key: Your client secret
Step 5: Create a Pipeline to Extract Data
- In Azure Data Factory, go to Author & Monitor and create a new pipeline.
- Add an HTTP dataset to fetch data from Azure AD:
  - Set the linked service to the HTTP linked service created earlier.
  - Configure the relative URL to point to the desired endpoint (e.g., /users or /groups).
- Add an Azure Data Lake Storage Gen2 dataset to write data to ADLS.
- Use a Copy Data activity to copy data from the HTTP dataset to the ADLS dataset.
Note: The above approaches are examples; you will have to tweak or change them to suit your requirements.
Please 'Upvote'(Thumbs-up) and 'Accept' as an answer if the reply was helpful. This will benefit other community members who face the same issue.
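
The extraction that Approach 2 configures, sketched in Python as an added example (not part of the original answer and not Azure Data Factory's own code): it requests a token with the client-credentials grant, follows `@odata.nextLink` across pages, and refuses to send the bearer token to any host other than Graph. The function names and the `AZ_*` environment variable names are assumptions, and a local JSON Lines file stands in for the ADLS sink.

```python
import json
import os
import urllib.parse
import urllib.request

GRAPH_HOST = "graph.microsoft.com"
TOKEN_URL = "https://login.microsoftonline.com/{tenant}/oauth2/v2.0/token"

def get_token(tenant, client_id, client_secret):
    """Client-credentials grant for the app registered in Steps 1 and 2."""
    body = urllib.parse.urlencode({
        "grant_type": "client_credentials",
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": "https://graph.microsoft.com/.default",
    }).encode()
    with urllib.request.urlopen(TOKEN_URL.format(tenant=tenant), data=body) as resp:
        return json.load(resp)["access_token"]

def http_get_json(url, token):
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req) as resp:
        return json.load(resp)

def fetch_all(relative_url, token, get_json=http_get_json):
    """Yield every object of a Graph collection, following @odata.nextLink."""
    url = f"https://{GRAPH_HOST}/v1.0/{relative_url.lstrip('/')}"
    while url:
        parts = urllib.parse.urlsplit(url)
        # The bearer token is only ever sent to Graph over HTTPS.
        if parts.scheme != "https" or parts.hostname != GRAPH_HOST:
            raise ValueError(f"refusing to follow link to {url!r}")
        page = get_json(url, token)
        yield from page.get("value", [])
        url = page.get("@odata.nextLink")

def export_jsonl(relative_url, token, path, get_json=http_get_json):
    """Write one JSON object per line; return the number of records written."""
    count = 0
    with open(path, "w", encoding="utf-8") as out:
        for obj in fetch_all(relative_url, token, get_json):
            out.write(json.dumps(obj) + "\n")
            count += 1
    return count

if __name__ == "__main__":
    # Assumed variable names; the secret is read from the environment, not hard-coded.
    tok = get_token(os.environ["AZ_TENANT_ID"], os.environ["AZ_CLIENT_ID"], os.environ["AZ_CLIENT_SECRET"])
    print(export_jsonl("/users", tok, "users.jsonl"), "users written")
```
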