Over the past few months, Microsoft has made several of its services and products that have been in beta or technical preview, generally available. Joining the list of recently unleashed Microsoft services is Azure AD authentication in SQL Database and SQL Data Warehouse.
As of today, August 4, 2016, Mirek Sztajno a senior program manager for SQL Server Security has announced that Azure Active Directory (Azure AD) authentication will be immediately available for Azure SQL Database and Azrue SQL Data Warehouse.
For those who might feel this bit of news is flying over their heads, as a bit of a refresher, Azure AD helps provide an alternative to SQL Authentication. The end result of adding Azure AD authentication means customers will now be able to use a single sign-on for accessing their SQL Database and SQL Data Warehouse, specifically for federated domains.
Furthermore, the confluence of Azure AD helps mitigate an unnecessary number of users and passwords.
Sztanjo highlights some other benefits thanks to the addition Azure AD authentication in SQL Database and SQL Warehouse that include:
- Greatly simplified permission management allowing customers to control database permissions via Azure AD groups without having to access any of the underlying databases.
Support for:
- Azure AD managed and federated domains with user name/password. Password rotation is centralized and triggered automatically from Azure AD.
- Integrated Windows Authentication for Azure AD federated domains and clients on domain-joined machines. This enables single sign-on across participating services. Integrated Windows authentication is also supported for remote connections using VPNs.
- JSON Web Token (JWT) which allows you to perform Azure AD authentication for middle-tier applications against SQL Database (e.g., service accounts).
To take advantage of the new Azure AD authentication, customers need to have an Azure AD administrator provide them Azure AD identities that are already mapped to contained SQL users.
For those who may need help with getting this process started, Sztanjo offers a pretty comprehensive walkthrough, equipped with visual examples and a step by step tutorial.
To learn more about how to provision an Azure AD authentication for Azure SQL Database and Azure SQL Data Warehouse or see the Azure AD Authentication GitHub demo, visit Microsoft’s Azure blog here.
