cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

Lorrin
Microsoft

‎Mar 02 2022 03:51 PM

‎Mar 02 2022 03:51 PM

Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

Hello All, I'm a data engineer wearing the hat of an DevOps engineer currently. I'm having a big struggle with trying to execute a T-SQL statement (CREATE USER <<>> FROM EXTERNAL PROVIDER) on an azure synapse dedicated or serverless pool but connected as an Azure AD User. I'm attempting to use Token-Authentication and am running the script in the context of the service connection running the azure pipeline, but no matter which resource endpoint I use to get the token from https://management.azure.com, https://dev.azuresynapse.net, and https://sql.azuresynapse.net, I'm getting this error Login failed for user '<token-identified principal>' - I can verify that I'm getting a valid token, but the connection is refused. Have others done this successfully?
1,938 Views
1 Like
5 Replies
Reply
5 Replies
Frederik_Gheysels

‎Mar 24 2022 08:42 AM - edited ‎Mar 24 2022 08:46 AM

‎Mar 24 2022 08:42 AM - edited ‎Mar 24 2022 08:46 AM

Re: Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

Hi, have you been able to get any progress on this ? I am facing the same problem. :) I'm getting an access token from within my pipeline via `

az account get-access-token --resource="https://database.windows.net"` and try to use that token for connecting to the Synapse Serverless SQL Database using Invoke-SqlCmd, but I'm facing the same error as you're facing.
 
The service-principal that is behind the service-connection does have access-rights on Synapse.  (It's a synapse administrator)
0 Likes
Reply
Lorrin

‎Mar 28 2022 04:25 AM

‎Mar 28 2022 04:25 AM

Re: Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

Hello,
I don't have all the rights needed but one of the suggestions was to use a new version of sqlcmd that does have the right capabilities. I'm waiting for my client to install it on the agent pools. Here is the repo on git: https://github.com/microsoft/go-sqlcmd

You might try this in your environment.

Good luck!

Lorrin
0 Likes
Reply
ssisjoost

‎Dec 20 2023 10:51 PM - edited ‎Dec 21 2023 10:16 AM

‎Dec 20 2023 10:51 PM - edited ‎Dec 21 2023 10:16 AM

Re: Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

@Lorrin Any luck solving the issue? It seems that I have a similar problem with getting the token from/for the Synapase Serverless SQL pool: https://techcommunity.microsoft.com/t5/azure-synapse-analytics/get-token-for-synapse-serverless-sql-...

0 Likes
Reply
Lorrin

‎Dec 21 2023 04:53 AM

‎Dec 21 2023 04:53 AM

Re: Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

@ssisjoost 

 

Unfortunately, we had to move onto other priorities.  Maybe I'll give go-sqlcmd again - see link in the thread in my own environment and report back.

 

Regards,

Lorrin

0 Likes
Reply
Ueshei_Oleg

‎Dec 21 2023 02:03 PM

‎Dec 21 2023 02:03 PM

Re: Connecting to dedicated and serverless pool via Invoke-SqlCmd using Token-Authentication

Не удаётся открыть эти ссылки. Одну открыл , но еррор. :)
0 Likes
Reply