I'm trying to use Azure Managed Identity, because I don't want to have usernames and passwords in the appsettings.json on the web application server in Azure.
Therefore I made a test configuration, but it doesn't work. Can you help me?
The configuration I have is:
- An IAM database in a SQL Managed Instance (version 2020.1)
- A WebApp (Indicium) (version 2020.1.6)
The instruction from Microsoft which I was following is: https://docs.microsoft.com/nl-nl/azure/active-directory/managed-identities-azure-resources/tutorial-windows-vm-access-sql
I made a System assigned identity on my App Service (azzapp-acto-d-nieuw-evo-Indicium-001)
I created a contained user on my SQL database (acto_d_nieuw_evo_iam) and gave it all rights:
- CREATE USER [azzapp-acto-d-nieuw-evo-Indicium-001] FROM EXTERNAL PROVIDER
- ALTER ROLE [db_owner] ADD MEMBER [azzapp-acto-d-nieuw-evo-Indicium-001]
The content of the appsettings.json is:
{
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Information",
      "System": "Information",
      "Microsoft": "Warning",
      "Indicium": "Debug"
    }
  },
  "MetaSourceConnection": {
    "Server": "sqlmi-nonp-001.database.windows.net",
    "Database": "acto_d_nieuw_evo_iam",
    "PoolUserName": "<secret>",
    "PoolPassword": "<secret>"
  }
}
Next I fired the URL of the Webapp: https://azzapp-acto-d-nieuw-evo-indicium-001.azurewebsites.net
I get the correct message from Indicium:
Indicium [Basic] is running!
Version: 2020.1
Build: 6
Next I changed the content of the appsettings.json to:
{
  "Logging": {
    "IncludeScopes": false,
    "LogLevel": {
      "Default": "Information",
      "System": "Information",
      "Microsoft": "Warning",
      "Indicium": "Debug"
    }
  },
  "MetaSourceConnection": {
    "Server": "sqlmi-nonp-001.database.windows.net",
    "Database": "acto_d_nieuw_evo_iam"
  }
}
I stopped the Webapp: azzapp-acto-d-nieuw-evo-Indicium-001
I started the Webapp: azzapp-acto-d-nieuw-evo-Indicium-001
Next I fired the URL of the Webapp: https://azzapp-acto-d-nieuw-evo-indicium-001.azurewebsites.net
Now I received an error from Indicium:
An error occurred while starting the application.
.NET Framework 4.7.3620.0 X64 v4.0.0.0 | Microsoft.AspNetCore.Hosting version 2.1.0-rtm-30799 | Microsoft Windows 10.0.14393 | Need help?
The content of the Indicium log file says:
2020-07-08T09:59:29.1387626+00:00 [ftl] Application startup exception (6c57a5ba)
System.Exception: Invalid MetaSourceConnection configuration. Please check the configuration of the server, database and pool user. ---> System.AggregateException: One or more errors occurred. ---> System.Data.SqlClient.SqlException: Windows logins are not supported in this version of SQL Server.
at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, DbConnectionPool pool, String accessToken, Boolean applyTransientFaultHandling, SqlAuthenticationProviderManager sqlAuthProviderManager)
at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions)
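
For reference, this is what a token-based SQL connection under an App Service system-assigned identity looks like in a .NET Framework program; the linked Microsoft tutorial relies on the same access-token mechanism. It is an added example, not part of the original post and not Indicium code. It assumes the Microsoft.Azure.Services.AppAuthentication NuGet package (swapped in for the tutorial's direct HTTP call), and the class and method names are made up for illustration.

```csharp
// Added example, not Indicium code. Assumes .NET Framework 4.6 or later and the
// NuGet package Microsoft.Azure.Services.AppAuthentication.
using System;
using System.Data.SqlClient;
using System.Threading.Tasks;
using Microsoft.Azure.Services.AppAuthentication;

public static class ManagedIdentitySqlCheck   // hypothetical name
{
    // Resource identifier the token must be issued for when talking to Azure SQL.
    private const string SqlResource = "https://database.windows.net/";

    public static async Task<string> WhoAmIAsync(string server, string database)
    {
        // No User ID, Password or Integrated Security here: the token is the
        // credential. Combining AccessToken with any of those makes SqlClient
        // throw InvalidOperationException.
        var builder = new SqlConnectionStringBuilder
        {
            DataSource = server,
            InitialCatalog = database,
            Encrypt = true,
            TrustServerCertificate = false
        };

        // On App Service this requests a token from the local managed identity endpoint.
        var tokenProvider = new AzureServiceTokenProvider();
        string accessToken = await tokenProvider.GetAccessTokenAsync(SqlResource);

        using (var connection = new SqlConnection(builder.ConnectionString))
        {
            connection.AccessToken = accessToken;   // must be set before Open
            await connection.OpenAsync();
            using (var command = new SqlCommand("SELECT SUSER_SNAME(), USER_NAME();", connection))
            using (var reader = await command.ExecuteReaderAsync())
            {
                await reader.ReadAsync();
                // Login identity and the database user it maps to.
                return Convert.ToString(reader[0]) + " / " + Convert.ToString(reader[1]);
            }
        }
    }

    public static void Main()
    {
        // Server and database values taken from the appsettings.json in the post.
        Console.WriteLine(WhoAmIAsync("sqlmi-nonp-001.database.windows.net",
                                      "acto_d_nieuw_evo_iam").GetAwaiter().GetResult());
    }
}
```

If the contained user from the CREATE USER step is mapped correctly, the second value printed is the database user name of the App Service identity.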