1

Trying to add a compute node to ADF (v1), using Azure Data Lake Analytics Linked Service to make some simple u-sql jobs. Data Lake Store Linked Service is already in place and working with service principle authentication, but I can't deploy ADLA linked service with servicePrincipalId and Key.

As per this article, ADLA Linked Service supports service principle authentication for some time now: https://learn.microsoft.com/en-us/azure/data-factory/v1/data-factory-usql-activity#azure-data-lake-analytics-linked-service

The intellisense tells me the parameters are not valid and insists on user credential. Here's a screenshot:

ADF Portal Editor ADLA-ls

(Same warnings in visual studio data factory project btw.)

When I deploy with SPN anyway, I get the error "Entity provisioning failed: Internal Server Error".

Anyone successfully use service principle auth with ADLA linked service?

Improve this question
3
  • I have the same issue. SP auth is only accepted for data lake storage in ADFv1. I currently have an open support ticket with Microsoft about it. Commented Jan 8, 2018 at 15:09
  • @PaulAndrew, are you using User Credential auth in the meantime, or do you have any different workaround? Commented Jan 8, 2018 at 15:36
  • using user session and tokens in the meantime. Commented Jan 8, 2018 at 15:37

2 Answers 2

Reset to default
1

It works for me using the following settings:

{
  "name": "datalakeanalyticsinstanceLinkedService",
  "properties": {
    "type": "AzureDataLakeAnalytics",
    "typeProperties": {
      "accountName": "datalakeanalyticsinstance",
      "servicePrincipalId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
      "servicePrincipalKey": "abcdefghijklmopqrstuvwxyz123456780",
      "tenant": "mytenant.onmicrosoft.com"
    }
  }
}

Also make sure you've run the "Add User Wizard" from Data Lake Analytics. Using this wizard I added the service principal as an Owner with R+W permissions.

Edit: This blog post was just published with many details on Serivce Principal authentication

Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

do you know if the wizard is any different from adding users via Access Control (IAM)?
Yes, for example, the wizard also adds permissions on de data lake store file system. I've also updated the above answer with a blog post, explaining Service Principal authentication with Data Lake Analytics / Data Lake Store. When you run the wizard it shows you a list of actions that it perfoms.
I cannot comment on the discussion above, but I have SP Authentication running on both V1 & V2 of the datafactory.
1

After a couple of weeks of frustration, suddenly this issue resolved itself.

Adding SP via the "Add Users Wizard" from ADLA is certainly a must for any data lake related pipelines, as @Simon suggested. Other than that @Paul's blog clearly explains the process.

The fact that my pipeline suddenly started working at exactly midnight and hasn't failed since, makes me think ADF has recently got some bugs fixed. So until ADFv2 is fully GA, I suggest deploying the linked services over and over again, or better yet (and more frustrating) deploying new pipelines and services from scratch.

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.