I am simply trying to follow the steps here so that I can query an Azure Analysis Services model from C#. But in SQL Server Management Studio I fail to connect to the server when using "Active Directory - Password" authentication, getting error message "Unable to obtain authentication token using the credentials provided..."
I tried using the username displayed in Analysis Services Admins that looks like this: john.doe_outlook.com#EXT#@johndoeoutlook.onmicrosoft.com and the outlook e-mail address associated with the Azure account which is of this form john.doe@outlook.com.
The password I used is also my Microsoft account password. From researching, it is never made clear to me at all what password I should be typing in, where do I get it from? Or what exactly do I need to do here so that I can successfully connect?
Both usernames I tried result in this message:
Unable to obtain authentication token using the credentials provided. If your Active Directory tenant administrator has configured Multi-Factor Authentication or if your account is a Microsoft Account, please remove the user name and password from the connection string, and then retry. You should then be prompted to enter your credentials. (Microsoft.AnalysisServices.AdomdClient)
If I enter john.doe_outlook.com#EXT#@johndoeoutlook.onmicrosoft.com as the username I get these messages:
user_realm_discovery_failed: User realm discovery failed (Microsoft.IdentityModel.Clients.ActiveDirectory)
The remote server returned an error: (400) Bad Request. (System)
and if I enter john.doe@outlook.com as the username I get these messages:
Sequence contains no elements (Microsoft.IdentityModel.Clients.ActiveDirectory)
I solved this by creating a new a app registration and selected 'Accounts in any organizational directory and personal Microsoft accounts (e.g. Skype, Xbox, Outlook.com)' instead of 'Accounts in this organizational directory only (Default Directory)'. When I connect to the server in SSMS, I select Active Directory with MFA support instead of Active Directory-Password, and I enter john.doe@outlook.com. And it connects.