Unable to Authenticate JDBC Connection to Azure SQL DB from Databricks - Must Use Multi-Factor Authentication
I'm trying to connect to our Azure SQL DB from Databricks configured with JDBC as follows:
DBUser = 'test2'
DBPword = 'xxxxxx'
DBServer = 'hst37dg5zxxxxxxy-exnwgcizvwnurfcoqllpyaj3q4'
DBDatabase = 'newconfigdb-xxxxxxxxxxx8-a7ea-13f21e4ab25b'
jdbcUrl = f"jdbc:sqlserver://{DBServer}.database.fabric.microsoft.com:1433;database={DBDatabase};user={DBUser};password={DBPword};encrypt=true;trustServerCertificate=false;authentication=ActiveDirectoryPassword"
df.write.mode("overwrite") \
.format("jdbc") \
.option("url", jdbcUrl) \
.option("dbtable", table)\
.save()
I am getting the following error:
com.microsoft.sqlserver.jdbc.SQLServerException: Failed to authenticate the user test2 in Active Directory (Authentication=ActiveDirectoryPassword). AADSTS50034: The user account "EUII Hidden" does not exist in the 8cbfa73c-xxxxxxx8faef12fc6 directory. To sign into this application, the account must be added to the directory.
Can someone let me know what "EUII Hidden" means? Also, how to overcome this issue?
By way of an update, when I enter the DBUser = 'test@keyxxxx.co.uk' I get error 'Failed to authenticate the user test@keyxxxx.co.uk in Active Directory (Authentication=ActiveDirectoryPassword). AADSTS50055: The password is expired'
However, when I created the account in Azure I wasn't given the option that the user would need provide a new password at sign on, so not sure why I'm getting the password expiry error?
I think I have nearly fixed the issue.
I have changed the password, but when I now try to execute the code I get the error:
com.microsoft.sqlserver.jdbc.SQLServerException: Incorrect syntax near '<'.
In Entra ID create a new App Registration, and generate a client secret for it. Store the client secret in a Databricks secret scope. Grant the service principal access to the database, and switch your authentication from ActiveDirectoryPassword (which is for user principals, and is normally blocked by your Entra ID access policies) to ActiveDirectoryServicePrincipal, and use the client secret as the password.
- Add Azure Active Directory User to Azure SQL Database
- How can I export a SQL Server database in *.sql format?
- Invoke-Sqlcmd with AAD authentication
- ManagedIdentityCredential authentication failing
- Azure Mobile App using existing database that has identity column not called id
- Delete query not working on Azure SQL Database
- Azure SQL Sync between Subscriptions
- Reset identity seed after deleting records in SQL Server
- How do you force Azure SQL (Serverless) to pause?
- "Invalid use of a side-effecting operator 'DELETE' within a function" for the constructed result?
- Unable to connect to Azure SQL from Azure Data Factory
- How to enable express Vulnerability assessment on Azure SQL Server using AzAPI provider
- ADF file move between two blob containers with an Azure SQL database ingestion
- select last non zero by SQL
- How do I recreate a user/login on a SQL Azure Active Geo-Replication Secondary
- How do I stop and start a SQL Azure database?
- SQLPackage adding REVOKE CONNECT to users - how to remove just the REVOKE CONNECT? (SDK-Style database project)
- How to grant a Managed Identity permissions to an Azure SQL Database using IaC?
- Azure DB paused and won't unpause
- Result order of string_split?
- JSON data type cannot be used in OpenJson function
- Does or does not SQL Azure support CLR assemblies?
- How can I prevent SqlException (0x80131904): Login failed for user on .NET 8 Blazor Web App when deployed to Azure, with multiple connections at once?
- Unable to view tables after copying database to another Azure SQL Server
- Join Tables from different databases in Azure SQL (SAAS)?
- How do you check the status of a SQL Import Export Operation in Azure?
- Azure Auto-Scale Database
- Materialized view in Marketing Performance DB in Azure SQL database
- Azure Cosmos DB Gremlin API via Synapse Link using the serverless SQL pool
- Unable to Authenticate JDBC Connection to Azure SQL DB from Databricks - Must Use Multi-Factor Authentication