You are correct that Active Directory Integrated does not work in Azure, with the exception of a Windows VM. Azure AD does have an equivalent of on premises system managed identity, but that feature hasn't yet been added to Azure Analysis Services (you can upvote it on UserVoice if it is something you would like to see). SQL authentication is going to be your best choice currently.
impersonation for azure analysis services
Hi - I have deployed the Azure tabular model from Visual studio 2019. I am connecting to Azure Synapse SQL Pool in Data source in legacy mode i.e. it uses SQL query format to get the data from source instead of Power Query. I have to use it since i am just migrating the existing on premise model to cloud including data source which currently in SQL and now in SQL Pool. I have just changed the connecting string. I have used Active Directory Integrated to authenticate the data source. It was processing fine in VS however after deploying to Azure AS server its throwing an error when i process( NO mapping between Account names and Security IDs was done.. The exception was raised by teh IDb Connection interface.). I believe its due to impersonation mode. I believe Azure AS doesn't have any system defined managed identity and its not understanding which service to use to connect data source. Do i need to use SQL Server db credentials instead of "Active Directory Integration" to authenticate the data source. Please provide inputs to resolve this.
I can't use Windows account and "Credentials of the current user" since my cube is in "In Memory" mode.
2 additional answers
Sort by: Most helpful
-
Judah Kleinveldt 1 Reputation point
2021-03-25T13:28:52.88+00:00 Sounds like Azure AD and your prem AD are not speaking to each other, have you mapped all the required users on the On Prem server to Azure AD?
https://learn.microsoft.com/en-us/azure/architecture/reference-architectures/identity/azure-ad
-
rajendar erabathini 616 Reputation points
2021-03-26T05:58:25.37+00:00 Thanks guys for support. I have managed to fix it using SQL authentication. Unfortunately Microsoft documentation doesn't address the solution for this problem to use SQL authentication in crystal clear way. Thanks!