无法验证azure条件访问的mfa

bvjveswy  于 2021-07-24  发布在  Java
关注(0)|答案(0)|浏览(281)

我目前正在使用一个免费帐户设置一个azure门户,我目前正在为active directory进行premium 2试用。最初,我可以使用名为jp01的用户的凭据访问数据库。此用户是数据库管理组的一部分,该组作为aad管理员分配给sql服务器。一切正常。
不过,我还为访问azuresql数据库的人添加了一个条件访问策略,该策略还必须执行mfa并接收授权访问。在大多数情况下,这一切都是可行的。我尝试登录,它拒绝了我,将我发送到一个登录页面,该页面调用我的验证器应用程序,我可以批准它。问题是即使在我进行身份验证后,仍然拒绝访问。
我的目的不是使用msi,而是简单地使用ad password auth的连接字符串:
“服务器=sds01.database.windows.net,1433;初始目录=sdb01;用户id=jp01@testsitegmail.onmicrosoft.com;password=passw0rd@123!;身份验证=active directory密码
在azure data studio(非ssms)上,我收到:
用户令牌标识主体登录失败。
以编程方式接收:
system.aggregateexception:发生一个或多个错误(出现一个或多个错误(出现一个或多个错误(aadsts50076:由于管理员更改了配置,或者由于您移动到了新位置,您必须使用multi-factor authentication访问“022907d3-0f1b-48f7-badc-1ba6abab6d66”。跟踪id:ae3b2ad2-eeaf-4f2e-8783-526808d5a900相关id:b7f45074-f8b6-4813-9f0c-e578d067872c时间戳:2020-07-07 16:30:39z)
azure data studio日志:
microsoft.data.sqlclient.sqlexception(0x80131904):用户“”登录失败。在microsoft.data.sqlclient.sqlinternalconnection.onerror(sqlexception异常,布尔断开连接,操作 1 wrapCloseInAction) at Microsoft.Data.SqlClient.TdsParser.ThrowExceptionAndWarning(TdsParserStateObject stateObj, Boolean callerHasConnectionLock, Boolean asyncClose) at Microsoft.Data.SqlClient.TdsParser.TryRun(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj, Boolean& dataReady) at Microsoft.Data.SqlClient.TdsParser.Run(RunBehavior runBehavior, SqlCommand cmdHandler, SqlDataReader dataStream, BulkCopySimpleResultSet bulkCopyHandler, TdsParserStateObject stateObj) at Microsoft.Data.SqlClient.SqlInternalConnectionTds.CompleteLogin(Boolean enlistOK) at Microsoft.Data.SqlClient.SqlInternalConnectionTds.AttemptOneLogin(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean ignoreSniOpenTimeout, TimeoutTimer timeout, Boolean withFailover) at Microsoft.Data.SqlClient.SqlInternalConnectionTds.LoginNoFailover(ServerInfo serverInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString connectionOptions, SqlCredential credential, TimeoutTimer timeout) at Microsoft.Data.SqlClient.SqlInternalConnectionTds.OpenLoginEnlist(TimeoutTimer timeout, SqlConnectionString connectionOptions, SqlCredential credential, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance) at Microsoft.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken, DbConnectionPool pool, SqlAuthenticationProviderManager sqlAuthProviderManager) at Microsoft.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) at Microsoft.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions) at Microsoft.Data.ProviderBase.DbConnectionFactory.<>c_DisplayClass40_0.<TryGetConnection>b1(Task 1)在system.threading.tasks.continuationresulttaskfromresulttask`2.innerinvoke()在system.threading.executioncontext.runinternal(executioncontext executioncontext,contextcallback,对象状态)--来自引发异常的上一个位置的堆栈结束跟踪---在system.threading.tasks.task.executewiththreadlocal(task&currenttaskslot)--来自引发异常的上一个位置的堆栈结束跟踪---在microsoft.sqltools.servicelayer.connection.reliableconnection.reliablesqlconnection.<>c\U displayclass30\U 0.<b\U 0>d.movenext(),位于d:\a\1\s\src\microsoft.sqltools.managedbatchparser\reliableconnection\reliablesqlconnection.cs:第314行---引发异常的上一个位置的堆栈结束跟踪---位于d:\a\1\s\src\microsoft.sqltools.servicelayer\connection.connectionservice.tryopenconnection(connectioninfo connectioninfo,connectparams connectionparams)中的microsoft.sqltools.servicelayer\connection\connectionservice.cs:第549行clientconnectionid:95f719ed-a055-47fb-bf29-1a3576539286 error number:18456,state:1,class:14

暂无答案!

目前还没有任何答案,快来回答吧!

相关问题