3

I am attempting to log into an Azure SQL Database using SSMS. I need to be able to log into the database with Active Directory Integrated Authentication. When attempting to login:

enter image description here

I receive this error: Failed to authenticate the user NT Authority\Anonymous Logon in Active Directory (Authentication=ActiveDirectoryIntegrated). Error code 0xCAA90002; state 10 WSTrust response does not have recognized SAML assertion. (.Net SqlClient Data Provider)

The following are true:

  1. I am the Active Directory admin in the Azure SQL Server.
  2. The Azure SQL Server Firewall accepts all IP addresses
  3. I am specifying a database under the connection properties tab
  4. I have .NET 4.6 and I'm using SSMS v17.1
  5. Authentication works if I use "Active Directory Universal Authentication".

Any ideas? Thanks.

Improve this question
0

3 Answers 3

Reset to default
1

This issue is with the AD Syncing options. In my environment, AD is not syncing passwords into the tenant. This prevents AD Integration Authentication and AD Password Authentication. The only authentication that works in this instance is AD Universal Authentication.

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Any idea how the connection string would look if this (AD Universal Authentication) was being used in Powershell?
1

This may be due to the old API of ADALSQL.dll that is used by SSMS for Active Directory password. The fact that Active Directory Universal (which uses newer API from ADAL.net) works indicates the issue is in the AD library, not SQL.

Improve this answer

1 Comment

I've fixed this in the past for myself now a co-worker is having the same issue but I cannot find the solution any more. :(
1

I had the same error message, and it turned out to be caused by a password expiry. As soon as I renewed the password, the error message disappeared.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.