Users configuring a management service feature such as Vulnerability Assessment, Auditing, or Threat Protection for their Azure SQL DB/Server occasionally see the operation fail with the error message { “:\”PrinicipalNotFound\”,\”message\”:\”Principal ***** does not exist in the directory ****. \”} and HTTP status code 400 (Bad Request).
This error indicates that no Azure AD identity is assigned to your Azure SQL server. To solve the problem, create an Azure AD identity and assign it to the Azure SQL logical server with the steps below.
Function Assign-AzSQLidentity
{
    Param
    (
        [parameter(Mandatory=$true)][string]$ResourceGroup,
        [parameter(Mandatory=$true)][string]$ServerName
    )

    "Checking if server identity exists..."
    # Look up a service principal whose display name matches the server name.
    $identity = Get-AzADServicePrincipal -DisplayName $ServerName
    if ($identity)
    {
        "Server identity already exists"
        $identity
    }
    else
    {
        "Server identity for server " + $ServerName + " does not exist"
        "Assigning identity to server " + $ServerName
        # -AssignIdentity creates the Azure AD identity and attaches it to the logical server.
        Set-AzSqlServer -ResourceGroupName $ResourceGroup -ServerName $ServerName -AssignIdentity
    }
}

# Run the function; PowerShell prompts for the two mandatory parameters.
Assign-AzSQLidentity
Once the identity is assigned, retry the management operation (setting Auditing, VA, etc.); it should work now.
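The following is an added example, not part of the original post: before retrying, it reads the identity recorded on the server resource and resolves that exact object ID in the directory, instead of matching on display name (which another principal could share). The function name Test-AzSqlServerIdentity and the names in the usage comment are hypothetical; it assumes a system-assigned identity and an already signed-in Az PowerShell session.

```powershell
# Added example (not from the original post). Function name is hypothetical.
function Test-AzSqlServerIdentity {
    [CmdletBinding()]
    param (
        [Parameter(Mandatory = $true)][string]$ResourceGroup,
        [Parameter(Mandatory = $true)][string]$ServerName
    )

    # Read the identity block from the logical server resource itself.
    $server = Get-AzSqlServer -ResourceGroupName $ResourceGroup -ServerName $ServerName -ErrorAction Stop
    $principalId = $server.Identity.PrincipalId

    $result = [ordered]@{
        ServerName     = $ServerName
        IdentityType   = $server.Identity.Type
        PrincipalId    = $principalId
        FoundInAzureAD = $false
        DisplayName    = $null
    }

    if (-not $principalId) {
        # This is the state the PrincipalNotFound error points to.
        Write-Warning "Server $ServerName has no identity assigned."
        return [pscustomobject]$result
    }

    try {
        # Resolve that exact object ID in the directory.
        $sp = Get-AzADServicePrincipal -ObjectId $principalId.ToString() -ErrorAction Stop
        if ($sp) {
            $result.FoundInAzureAD = $true
            $result.DisplayName    = $sp.DisplayName
        }
    }
    catch {
        # The server records an identity, but the directory lookup failed.
        Write-Warning "Principal $principalId could not be resolved: $($_.Exception.Message)"
    }

    return [pscustomobject]$result
}

# Usage (constructed sample names):
# Test-AzSqlServerIdentity -ResourceGroup 'example-rg' -ServerName 'example-sqlserver'
```

A result with a PrincipalId and FoundInAzureAD set to True means the server's identity is in place and the management operation can be retried.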
I hope this helps. Please let me know in the comment section if you have any feedback or queries.
Thank you @Yochanan Rachamim for guidance.