Forum / Remote Desktop Manager - Feature Request

Azure SQL Database using Azure AD identities

  • Create an Issue
  • Cancel

Hi,

Can you add support for Azure Active Directory Authentication Library for Azure SQL Server. More in at
https://azure.microsoft.com/en-us/documentation/articles/sql-database-aad-authentication/ Section 5. Configure your client computers


Thank you.

Clock3 yrs

Hi,
I have entered a feature request.

David Hervieux

signaturesignature

Clock3 yrs

Is there any word about this feature? Azure AD login (with MFA) would be a nice option.

What also would be nice is the ability to use Azure AD accounts (with MFA) with Devolutions Server.

I know you can use google authenticator etc, but as we are using Office 365 users are already using Azure AD accounts protected with MFA, and it would be nice if they could just use that instead of configuring yet another two-factor solution/app.

Clock3 yrs

Hi,
I will confirm with Martin if it's exactly what you want because I know that DVLS now support Azure MFA

Regards

David Hervieux

signaturesignature

Clock3 yrs

I've checked the information about DVLS and Azure AD, but there are some issues with this i think:

- I need to download some sdk from the azure portal, but we don't use multi-factor auth provider (our MFA is included in our Office 365 licenses).

- It only supports SMS or Phonecalls (who still uses that? smile ) , an azure AD based login should just use the settings the (azure AD) user has already set up (most likely he uses the Azure MFA app).

- allowing 'real' azure ad logins would circumvent the problems above, and would make for a better experience (but i have no clue about programming, so i have no idea if its even possible), integration azure ad login in webapp is (supposed to be) a breeze, but for applications things are probably not so easy.

Clock3 yrs

Hi,

You are right about the MFA SDK, it needs a auth provider to be configure and download the SDK file from Azure and it only supports SMS and Phone call.
DVLS support MFA SDK for now!

Let me check different options

Best regards

Martin Lasalle

signaturesignature

Clock3 yrs

Hi, guys!

It would be great, if we would have the ability to login to AzureSQL datasources using AzureAD accounts, even without MFA.

We really need it.

Clock3 yrs

Hi,
Microsoft has just released the SQL Server Management Studio with this. We will add this to our todo list but it won't be for RDM 12 for sure. This version is planned for the end of September.

Regards

David Hervieux

signaturesignature

Clock3 yrs

+1 on this, Active Directory integrated authentication would be a great security improvement with Azure SQL

Clock3 yrs

Hi David,

Any news on this? For us it would be an important feature to use AzureAD accounts on AzureSQL

Clock2 yrs

Nothing new for now but that something we will investigate right after the RDM 12 release.

Regards

David Hervieux

signaturesignature

Clock2 yrs

RDM 12 has been released. Is there a time frame for this feature?

Clock2 yrs

+1 on this feature. This is holding us back from deploying company wide.

Clock2 yrs

It's the next feature on my to-do list. We start our holiday vacation break at the end of the week. Once back in the new year I will be starting on this. Should have something shortly after that. It's currently the most asked feature request.

Best regards,

Stefane Lavergne

signaturesignature

Clock2 yrs

Hi all,

Good news I've started on the SQL Azure + Azure AD Authentication.

Login is working with SQL Server Data Source. Next up is user management issues encountered while logged in with AD Auth users.

Here is a screen shot:
2017 01 12 10 14 28

Does any of you connect using "Active Directory Integrated", we have not been able to test this scenario. I'm hoping you of you could help us test it when time comes.

Best regards,

Stefane Lavergne

signaturesignature

2017-01-12_10-14-28.png
Clock2 yrs

We do.

Clock2 yrs

I'm done, this will be in the next minor release.

Create "Azure AD Auth" RDM user:
2017 01 16 14 04 12

Note: When creating SQL AD users, you must be logged in with an Azure AD user if not it will fail and you be notified of the error.
Use the servers defined Azure AD Admin to create your other users (to start). Once you've created other admin users, you can use them to create more users.
2017 01 16 14 06 58

Stefane Lavergne

signaturesignature

2017-01-16_14-04-12.png
2017-01-16_14-06-58.png
Clock2 yrs

Hi Stefane,

Thanks for making it! I am more than happy to test it.
Zoltan

Clock2 yrs

Thank you. When will the next minor release occur?

Clock2 yrs

A new build should be out within the next few days. I will keep you posted.

Best regards,

Stefane Lavergne

signaturesignature

Clock2 yrs

The latest beta has the SQL Azure AD integration.

Available here: https://remotedesktopmanager.com/Home/Download#Beta

Sorry, I'm late on the notification.

Best regards,

Stefane Lavergne

signaturesignature

Clock2 yrs

Just tested it, as far as I see it doesn't seems to support Modern Authentication (ADAL) yet. We have Azure AD MFA setup...

The error message:
Unable to connect to the database!
Failed to authenticate the user NT Authority\Anonymous Logon in Active Directory (Authentication=ActiveDirectoryIntegrated).
Error code 0xCAA2000C; state 10
AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access 'https://xyz.abc.com/'.
Trace ID: 615cbd65-3659-4faa-ac69-1a34431c1cfa
Correlation ID: a03aac05-567d-493a-935e-ebc1a5b9843a
Timestamp: 2017-02-15 21:47:42Z

Clock2 yrs

@zomby - Do you two-factor enabled?

Stefane Lavergne

signaturesignature

Clock2 yrs

I am using two factory authentication with Azure Active Directory, but am unable to add a data source using Azure Active Directory as I get the same message that zomby posted above.

Is AAD two factor auth supported with Remote Desktop Manager?

Clock2 yrs

We currently don't support Azure Multi-Factor Authentication (MFA) login with the SQL Azure Data source.

Supporting Azure MFA is not straight forward as we would have hoped and will require some more investigation. It's on our to-do list.

Best regards,

Stefane Lavergne

signaturesignature

Clock2 yrs

hi
any news on that feature request?
i see that it's 10 months old
does current edition of rdm enterprise supports azure sql with aad identities + mfa ?

Clock10 mths

I have to agree, still waiting for the solution, checking on every update.

Clock10 mths

Nothing yet, we are waiting on Microsoft to support it via the ADO.Net provider

We have another thread here: https://forum.devolutions.net/topic28005-feature-request--add-support-for-active-directory-universal-autentication---azure-mfa.aspx#post112804


As soon is it's made available we will implement the required changes.

Best regards,

Stefane Lavergne

signaturesignature

Clock10 mths

Good news Microsoft released today the an "Early Access build with the .NET Framework 4.7.2 Developer Pack"

SQL – Azure AD Universal and Multi-factor Authentication Support

We will start investigating so that we can release this as soon as the 4.7.2 update is officially released.

Best regards,

Stefane Lavergne

signaturesignature

Clock9 mths

About a month ago they released it fully aswell. Is there an update on when to expect this to be avaliable in RDM?
https://blogs.msdn.microsoft.com/dotnet/2018/04/30/announcing-the-net-framework-4-7-2/

Note that I am out of service atm so I can't upgrade, but this would make me and my team all update to the new version.

Clock6 mths