Azure SQL Database
An Azure relational database service.
3,505 questions
Please see more troubleshooting options on this support article.
Having issues adding an AAD group to Azure SQL Database.
Michael MacGregor
86
Reputation points
We have an AAD group called [QA Leads]. I have no issues adding this group to a SQL Server on an Azure VM as [domain_name\QA Leads]. Works just fine, but if I try to do that in Azure SQL Database it gives me the following error:
Msg 33130, Level 16, State 1, Line 38
Principal 'domain_name\QA Leads' could not be found or this principal type is not supported.
I've seen several posts, including MS Docs, that say to use [username@domainname.com] but I don't know how that would work with an AAD group named QA Leads.
I tried simply doing this:
CREATE USER [QA Leads] FROM EXTERNAL PROVIDER WITH DEFAULT_SCHEMA=[dbo]
That appeared to work, except when one of the group members attempts to login he gets an error:
Login failed for user '<token-identified principal>'. (Microsoft SQL Server, Error: 18456)
Thanks in advance for any help.
Michael MacGregor
Database Architect
2 answers
Sort by: Most helpful
-
Michael MacGregor 86 Reputation points
2022-01-27T19:59:49.557+00:00 Turns out it was a mistake by the user who was testing the connection in that he entered the wrong database name in the Options tab in SSMS. Would be helpful if the error message provide actually said "Database does not exist'. Would've take a lot less time to figure out what was wrong!
Sign in to answer-
Oury Ba-MSFT 10,251 Reputation points Microsoft Employee2022-01-27T20:37:52.363+00:00 @Michael MacGregor Glad you were able to find the cause. Please mark your answer as "accept answer" so it would be beneficial for other community members with the same.
Regards,
Oury
That option doesn't appear for my comment.
@Michael MacGregor
It Should appear on the answer you provided.
Nope. Only Accept Answer button appears on Albert's comment.
Sign in to comment