Were you able to find any more info about this? We set up our conditional forwarders for the public zones in the docs you linked, including adf.azure.com, but due to the private link CNAME we can now no longer resolve adf.azure.com and will have to remove it.
What is the supported way to set up privatelink DNS for Azure Data Factory Studio?
Hi! When using the Azure Data Factory Studio to edit an ADF, the URL for the studio is adf.azure.com. In public DNS this resolves with a CNAME to portal.privatelink.adf.azure.com, which in turn resolves to a CNAME datafactoryv2.trafficmanager.net. So a request for adf.azure.com ends up in the hands of Azure Traffic Manager, albeit by a slightly circuitous route.

However, we have recently set our DNS for Azure Private links as per: https://learn.microsoft.com/en-us/azure/private-link/private-endpoint-dns#azure-private-endpoint-dns-configuration

This states as part of the recommended DNS setup we create various zones including

| Private link resource type / Subresource | Private DNS zone name | Public DNS zone forwarders |
| -------- | -------- | -------- |
| Azure Data Factory (Microsoft.DataFactory/factories) / portal | privatelink.adf.azure.com | adf.azure.com |

This means that unless we replicate the CNAME to direct traffic from portal.privatelink.adf.azure.com to datafactoryv2.trafficmanager.net in our (now authoritative) private DNS then we lose access to adf.azure.com. This requirement for the private DNS record does not seem to be documented, nor does it seem to make any sense, with a public DNS directing to a private DNS which in turn directs to a public DNS and a public IP.

I assume this is a hangover from some undocumented (as far as I can tell) method of bringing Azure Data Factory Studio on to a private link (or perhaps an undocumented consequence of bringing Azure Data Factory on to a private link?). Nowhere is the ADF Studio mentioned in the documentation around Azure Private Link for Azure Data Factory. So while we have a "solution" to the problem it is undocumented, and it may not be the best solution (just not including privatelink.adf.azure.com in our private DNS would achieve the same, but that would be actively going against documentation).

Appealing to Microsoft and anyone in the community who has experienced the same issue, for any insight.

Thank you for your time,
Mike
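The resolution chain described in the question can be reproduced offline with a small model. This is an added example, not part of the original post or Microsoft's documentation; it assumes an authoritative private zone never falls back to public DNS, and the record table and the 203.0.113.10 address are constructed for illustration.

```python
# Simplified model of split-horizon resolution. All records are constructed
# from the names in the question; the IP is a documentation-range address.
PUBLIC = {
    "adf.azure.com": ("CNAME", "portal.privatelink.adf.azure.com"),
    "portal.privatelink.adf.azure.com": ("CNAME", "datafactoryv2.trafficmanager.net"),
    "datafactoryv2.trafficmanager.net": ("A", "203.0.113.10"),
}
PRIVATE_ZONE = "privatelink.adf.azure.com"


def in_zone(name, zone):
    """True when name is the zone apex or any name beneath it."""
    return name == zone or name.endswith("." + zone)


def resolve(name, private_records=None, max_hops=8):
    """Follow the CNAME chain and return (chain, answer).

    private_records=None means no private zone is linked. A dict, even an
    empty one, makes the private zone authoritative for every name under it.
    """
    chain = [name]
    for _ in range(max_hops):
        if private_records is not None and in_zone(name, PRIVATE_ZONE):
            record = private_records.get(name)  # assumption: no public fallback
        else:
            record = PUBLIC.get(name)
        if record is None:
            return chain, "NXDOMAIN"
        rtype, value = record
        if rtype == "A":
            return chain, value
        name = value
        chain.append(name)
    return chain, "SERVFAIL"  # CNAME loop or chain longer than max_hops


def report(label, private_records):
    """Print one scenario for adf.azure.com and return its final answer."""
    chain, answer = resolve("adf.azure.com", private_records)
    print(f"{label}: {' -> '.join(chain)} => {answer}")
    return answer


if __name__ == "__main__":
    report("no private zone", None)
    report("private zone without portal record", {})
    report("portal CNAME replicated in private zone", {
        "portal.privatelink.adf.azure.com": ("CNAME", "datafactoryv2.trafficmanager.net"),
    })
```

Against a live resolver, the same hop-by-hop view comes from querying each name in the chain separately and noting which zone answers it.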