Copied to clipboard

Flag this post as spam?

This post will be reported to the moderators as potential spam to be looked at


  • bemokraig 1 post 21 karma points
    May 21, 2021 @ 21:01
    bemokraig
    0

    Azure Managed Identity SQL access

    Has anyone used Umbraco 7 (or 8) using Azure Managed Identity SQL access? This eliminates UID/PWD for SQL Access. Need to add get token code somewhere...

  • Chris Evans 137 posts 353 karma points c-trib
    May 24, 2021 @ 04:48
    Chris Evans
    0

    Yes, this is possible and works relatively well. The setup / configuration is a bit complex but is detailed in this documentation from Microsoft:

    https://docs.microsoft.com/en-us/azure/app-service/app-service-web-tutorial-connect-msi

  • Johan Runsten 38 posts 276 karma points c-trib
    Apr 27, 2022 @ 23:08
    Johan Runsten
    0

    (9.4.3) I'm getting "System.TimeoutException: Cannot acquire MainDom" when trying to use a connection string without user id/password, i.e. app service configured as a managed identity in Azure. Is this case not supported? Which version of Microsoft.Data.SqlClient is referenced in Umbraco 9.4.3? I can't find out.

  • Jules 269 posts 560 karma points
    Oct 09, 2022 @ 09:33
    Jules
    0

    Hi Chris

    Have you managed to use that article to get this working for U8?

    Jules

  • Johan Runsten 38 posts 276 karma points c-trib
    Jun 21, 2022 @ 07:39
    Johan Runsten
    0

    After upgrading to Umbraco 10, this now works :)

  • Jules 269 posts 560 karma points
    Oct 07, 2022 @ 16:14
    Jules
    0

    Hi bemokraig

    I am also looking at getting Umbraco 8 SQL access working with Azure Managed Identities.

    Did you have any success doing this?

    Regards

    Jules

  • Robert 2 posts 72 karma points
    Dec 20, 2022 @ 19:37
    Robert
    0

    Johan (or anyone??), can you provide any instructions on how you made this work? Or even sample code? I can connect fine with standard connection string but as soon as I drop in the managed identity, it errors out. Is there special additions to the appsettings.json and/or other files (startup.cs, etc.)? I've already added Azure.Identity nuget package. FYI, I'm using Umbraco 11

  • Johan Runsten 38 posts 276 karma points c-trib
    Dec 22, 2022 @ 13:06
    Johan Runsten
    0

    @Robert

    I changed my connection string from user/pass to managed identity:

    Server=tcp:your-sql-server-name.database.windows.net,1433;Initial Catalog=your-database-name;Persist Security Info=False;MultipleActiveResultSets=False;Encrypt=True;TrustServerCertificate=False;Authentication=Active Directory Managed Identity;
    
    • Enable system managed identity on your app service.
    • You also need to go into your SQL server instance and add role assignments for your app service managed identity as Contributor in the IAM blade.

    Last, I don't think this is relevant to you but I have a vnet with a subnet for my app service, and the subnet is delegated to Microsoft.Web/serverFarms, and it has these service endpoints enabled: Microsoft.Web, Microsoft.Sql.

    Hope it helps!

  • Fenil Desai 3 posts 73 karma points notactivated
    May 13, 2023 @ 23:28
    Fenil Desai
    0

    I updated the connection string with Authentication=Active Directory Managed Identity, but still getting the below error:

    -> Umbraco.Core.Exceptions.BootFailedException: Boot failed.

    -> System.TimeoutException: Cannot acquire MainDom at Umbraco.Core.Runtime.MainDom.Acquire() at System.Threading.LazyInitializer.EnsureInitializedCore[T](T& target, Boolean& initialized, Object& syncLock, Func`1 valueFactory) at Umbraco.Core.Runtime.MainDom.get_IsMainDom() at Umbraco.Core.Runtime.CoreRuntime.AcquireMainDom(IMainDom mainDom) at Umbraco.Core.Runtime.CoreRuntime.Boot(IRegister register, DisposableTimer timer)

    Any help would be greatly appreciated.

Please Sign in or register to post replies

Write your reply to:

Draft