Forum Discussion

Copper Contributor

Aug 28, 2020

Login Failed for user '<token-identified principal>' for Azure Active Directory Admin

Hello, I am having an issue where I am unable to connect to my Azure SQL database instance w/ my user that is the Active directory admin over the instance, along w/ the databases within that instan...

mguarnier

MCT

Aug 29, 2020

Hi MrGalvan,

I also had this problem, my sql instance is hosted on Azure and I log in with my AD account, but I suddenly lost access. I had to update my credentials in AD Azure only to get access again. That done, everything went back to normal. Have you tried to update your credentials?

Regards,

Marcos Guarnier

MrGalvan

Copper Contributor

Aug 31, 2020

Thanks mguarnier - That's exactly what we ended up doing to resolve it.

Thank you,

Marty Galvan

MrGalvan
Copper Contributor
Aug 31, 2020
Found the issue and have resolved it.

What happened is the AD group that was assigned as the Active Directory Admin was dropped and created w/ the same name. However, the old group's Object Id wasn't the same as the newly created AD group's Object Id.

Only found this out by looking at the Creation Date of the Active Directory Group. Which shows it was a recent creation date. A time frame within where the issue started happening.

So, it appears that the token assigned to the old group was still saved, but that Object Id no logger existed since the group was re-created w/ a new Object Id.

Remedy: Just dropped AD admin and re-added it and now we're back in business.