Is it possible to integrate B2C AD with Azure SQL server - azure-active-directory

Is it possible to integrate Azure B2C with Azure SQL server for Authentication and Authorizations? Does Azure SQL server also supports B2C or the AD support is for ON-PREMISE supported AD only?

Absolutely, you can use Azure Active Directory Authentication for authentication with your Azure SQL Database , Not Azure AD B2C.
Azure AD B2C is a cloud identity management solution for your web and mobile applications. So, it doesn't support Azure SQL database.
Additional,If you want to use Azure AD or authentication with your Azure SQL Database, you can refer to this document.

Related

Can Azure AD MFA work with on-prem Active Directory?

Can Azure AD MFA work with on-prem Active Directory? Our entire infrastructure is Microsoft on-prem solutions (AD, Exchange, SQL, SharePoint, Office, etc). We do have Microsoft 365 Basic which allows us to use the free version of Azure AD. We currently have our AD accounts synchronizing between on-prem and Azure AD. I've got MFA enabled for Azure AD, but it only works when signing into something Azure related. If I sign into an on-prem AD-joined device, it doesn't recognize I have MFA enabled in Azure AD for my user account.
we have two options available.
To trigger Azure MFA on RDP to On-premises VMs or to connect to On-premises VPN etc.The Network Policy Server (NPS) extension for Azure allows customers to safeguard Remote Authentication Dial-In User Service (RADIUS) client authentication using Azure's cloud-based Multi-Factor Authentication (MFA). this enables secure verification for users attempting to sign in to a Remote Desktop Gateway.
check This to Integrate your Remote Desktop Gateway infrastructure using the Network Policy Server (NPS) extension and Azure AD
To protect On-premises web applications, such as OWA, SharePoint etc., they need to federate the web applications to ADFS and configure ADFS to use Azure MFA for 2nd factor of authentication. If your organization is federated with Azure AD, you can use Azure Multi-Factor Authentication to secure AD FS resources, both on-premises and in the cloud. reference

Ad connect - what data from Teams will be missing

My organisation use Active Directory on-premise (windows server 2012). We also use Office 365 E1.
Logins are different. We add accounts independly.
Now we are however are thinking about using Ad Connect, but we have some concerns.
Will we lose any data on Teams after integration?
Will our users be able to access data previously attached to theirs Azure Active Directory account?
How can we match AAD users with on-premise AD. It uses aliases?
Following MS documents should give a head start for your requirement.
How objects and credentials are synchronized in an Azure Active Directory Domain Services managed domain
Integrate on-premises AD with Azure
Integrate on-premises AD domains with Azure AD
Azure AD Connect: When you have an existing tenant
Microsoft 365 integration with on-premises environments

Use of Azure AD credential SQL VM

I have SQL Server 2019 running on an Azure VM (Windows Server 2019). The client wants to use Azure AD groups and users to provide access to the database, but does not have AD DS installed on a VM.
Is it possible to run the
CREATE USER [MySqlUser] FROM EXTERNAL PROVIDER
on a SQL Server running on an Azure VM to add users from the AD tenant?
Can it be joined to an Azure AD without running AD DS so I can run the command above?
I found a the answer of Microsoft MSFT that may be helpful for you:
Please find the explanation of different scenarios as following.
You can connect your on-premise environment using site-to-site VPN to
Azure VNET which the SQL azure VM is part of .
Alternatively you do not have an on-premise environment at all and
are a cloud only company who have created a standalone SQL server on
Azure VM , then you cannot directly join the machine to Azure AD
instance and hence you can not have Azure AD users logging in to the
SQL VM using their Userprinciplename (the logon id for a azure ad
user.) . However if you enable Azure AD domain services for your
azure AD tenant, you can then connect the Azure VM to the same subnet
as Azure AD domain services and then join it to the Azure AD domain
services instance. Your users in azure AD will be synced to your
azure AD domain services instance and the same user account can be
used to logon to the Azure VM.
For more details, please ref: https://social.msdn.microsoft.com/Forums/en-US/cee70d52-bd57-472d-b97e-6fd71f76dfbb/how-to-join-azure-vm-to-azure-ad

Azure app service Web API connect to a SQL Server database, with Azure AD account/windows authentication

Currently I have everything on premise - .NET Core 3.0 API and SQL Server database.
Azure AD/Service account are configured in IIS and database has given access to the service account.
All requests use that Azure AD service account.
Now we are planning for an Azure migration. API is published in App Services.
Now I want to use the same Azure AD account to connect to an Azure SQL Server database.
How should I do that?
Don't send me Microsoft links, those are having toooo much info.
Tell what and how to do configuration in Azure SQL and App Services.
Any help is appreciated.
Now I want to use the same AD account to connect to an Azure SQL Server database.
AD accounts can't connect to Azure SQL Database. Only SQL and Azure Active Directory (AAD) Logins/Users.
There are some options, but there's a clear best-practice: Provision a Managed Service Identity (MSI) for your Azure App Service Application and use that to connect to SQL Server.
Here is a simple tutorial for how you should integrate App Service and Azure SQL Database:
Tutorial: Secure Azure SQL Database connection from App Service using a managed identity

Is it possible to authenticate for access to SSAS (on-premise) using Azure Active Directory credentials

I have an on-premises 2019 (15) instance of SSAS in tabular mode. I also have an Azure Active Directory with multiple users.
When connecting to the SSAS instance through SSMS there are 3 available authentication methods:
Windows.
Active Directory - with password
Active Directory - universal with MFA
I am returned the following message when trying to authenticate with 2 or 3:
Cannot connect to xxxxx\xxxxxx. The integrated security 'ClaimsToken'
is not supported for native connections.
(Microsoft.AnalysisServices.AdomdClient)
How do I make it possible for AAD users to authenticate for access to on-prem use of SSAS?
The modes you are looking at are available for Azure Sql Databases that have been protected with an Azure AD tenant.
On-prem SQL Server and its add-ons do not support authenticating with Azure AD.

Resources