Share via

ADF can access External Table in Synapse

Shobna Lata 20 Reputation points
2023-08-17T05:18:40.9233333+00:00

I am trying to do a copy activity in ADF that reference an external table in Synape (which references a parquet file in Storage accountV2). This runs fine in Synapse however I get the following error which I run it through an ADF pipeline.

Any help on how to fix this issue please?

I have added my synapse workspace, ADF to the storage blob contributor role.

Error details

Copy data1

Error codeSqlOperationFailed

Failure typeUser configuration issue

Activity ID9be0b6f0-eb02-4335-9cc0-1e4d2f9d8ce7

DetailsFailure happened on 'Source' side. ErrorCode=SqlOperationFailed,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=A database operation failed with the following error: 'Not able to validate external location because The remote server returned an error: (401) Unauthorized.',Source=,''Type=System.Data.SqlClient.SqlException,Message=Not able to validate external location because The remote server returned an error: (401) Unauthorized.,Source=.Net SqlClient Data Provider,SqlErrorNumber=105215,Class=16,ErrorCode=-2146232060,State=1,Errors=[{Class=16,Number=105215,State=1,Message=Not able to validate external location because The remote server returned an error: (401) Unauthorized.,},],'

Azure Data Lake Storage
Azure Data Lake Storage
An Azure service that provides an enterprise-wide hyper-scale repository for big data analytic workloads and is integrated with Azure Blob Storage.
1,563 questions
Azure Synapse Analytics
Azure Synapse Analytics
An Azure analytics service that brings together data integration, enterprise data warehousing, and big data analytics. Previously known as Azure SQL Data Warehouse.
5,384 questions
Azure Data Factory
Azure Data Factory
An Azure service for ingesting, preparing, and transforming data at scale.
11,659 questions
Accepted answer
  1. KranthiPakala-MSFT 46,642 Reputation points Microsoft Employee Moderator
    2023-08-22T00:30:31.44+00:00

    @Shobna Lata Welcome to Microsoft Q&A forum and thanks for reaching out here.

    In addition to Amira Bedhiafi inputs, please validate below prerequisites if you are accessing External tables from ADF.

    1. While creating the external data source, have you used any Database Scoped Credential ? In case if you haven't created any Database Scoped Credential then please create a database scoped credential with `Managed Service Identity
    2. Then use that credential for creating the external data source as shown below: 
    -- Create a database scoped credential with Managed Service Identity.
CREATE DATABASE SCOPED CREDENTIAL NYCGreenTaxiCredentialADF
WITH
  IDENTITY = 'Managed Service Identity';


-- Create External Data Source with Credential created in previous step.
IF NOT EXISTS (SELECT * FROM sys.external_data_sources WHERE name = 'NYCGreenTaxiData') 
	CREATE EXTERNAL DATA SOURCE [NYCGreenTaxiData] 
	WITH (
		LOCATION = 'abfss://<containerName>@sharedADLSGen2.dfs.core.windows.net',
		CREDENTIAL = NYCGreenTaxiCredentialADF 
	)
GO
    1. After creating the external data source using credential, then create the external table using this external data source.
    2. Then go to you ADF linked service and set up the Synapse Analytics Linked service configuration using SQL auth credentials and try to preview the data. (Please ensure that your Synapse Workspace Managed identity has Blob storage contributor role assigned)

    I have reproduced the error message you have experienced by creating an External Data source without database scoped credentials and it throws the same error message. Then in order to overcome the above error, I have created a Database scoped credential using `Managed Service Identity and then used that credential to create the external data source and then was able to access the external table from ADF without any issues.

    Hope this info helps. Let us know if you have further query.

    Please don’t forget to Accept Answer and Yes for "was this answer helpful" wherever the information provided helps you, this can be beneficial to other community members.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Amira Bedhiafi 34,656 Reputation points Volunteer Moderator
    2023-08-17T13:36:13.53+00:00

    I can see from the error message you are having that it is related to permissions issue since you are trying to access the external location (the Storage Account V2) where the parquet file is stored.

    Two cases apply :

    • If you're accessing storage through private endpoints, ensure that the managed private endpoint in Synapse is approved and correctly configured.
    • If you are using Storage Account Keys or Shared Access Signature (SAS) tokens to authenticate, make sure they are valid and have the correct permissions.

    You also mentioned adding the Synapse workspace and ADF to the Storage Blob Contributor role. Can you make sure the Azure Data Factory's Managed Identity also has the Storage Blob Data Reader role on the Storage Account V2, as this could give it the necessary permissions to read the data.

    Check also that the firewall rules in both the Storage Account and Synapse Workspace allow communication between the services. If there are IP restrictions in place, you may need to add the necessary IP addresses to the allow list.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.