Share via

Azure Container Apps to Azure SQL Database

James Hizon 40 Reputation points
2025-03-04T20:05:24.82+00:00

Hi. I am having great trouble connecting my app deployed in Azure Container Apps to Azure SQL Database. I have been able to successfully access the Azure SQL Database, or at least I think. However, perhaps when I try to login via Azure SQL Server username and password, I am still unable to login to the Azure SQL Database even though I believe I am using the correct email and password required.

I've tried interacting with azure vm and signing in with both azure sql server config settings as well as Microsoft Entra ID (if that makes sense):

azureuser@testVM:~$ sqlcmd -S proven-success-test.database.windows.net -d proven-success-test-db_2025-02-18T17-12Z -G

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login timeout expired.

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Failed to authenticate the user '' in Active Directory (Authentication option is 'ActiveDirectoryIntegrated').

Error code 0xA190; state 41360

Error acquiring Kerberos credentials

GSS status: No credentials were supplied, or the credentials were unavailable or inaccessible

Mechanism status: No Kerberos credentials available (default cache: FILE:/tmp/krb5cc_1000)

.

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : TCP Provider: Timeout error [258]. .

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Unable to complete login process due to delay in login response.

azureuser@testVM:~$ sqlcmd -S proven-success-test.database.windows.net -d proven-success-test-db_2025-02-18T17-12Z \

     -U "CloudSAe3805cba@proven-success-test" -P "ToProveOrNotToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login failed for user 'CloudSAe3805cba'..

azureuser@testVM:~$ sqlcmd -S proven-success-test.database.windows.net -d proven-success-test-db_2025-02-18T17-12Z \

     -U "******@yourtenant.onmicrosoft.com" -P "ToProveOrNotToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Cannot open server "yourtenant.onmicrosoft.com" requested by the login. The login failed..

azureuser@testVM:~$ sqlcmd -S proven-success-test.database.windows.net -d proven-success-test-db_2025-02-18T17-12Z \

     -U "******@acaca398-8329-46bb-a322-34c99669762b.onmicrosoft.com" -P "ToProveOrNo

tToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Cannot open server "acaca398-8329-46bb-a322-34c99669762b.onmicrosoft.com" requested by the login. The login failed..

azureuser@testVM:~$ sqlcmd -S proven-success-test.database.windows.net -d proven-success-test-db_2025-02-18T17-12Z \

   -U "******@jamesrhizongmail402.onmicrosoft.com" -P "ToProveOrNotToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Cannot open server "jamesrhizongmail402.onmicrosoft.com" requested by the login. The login failed..

azureuser@testVM:~$ sqlcmd -S "tcp:proven-success-test.database.windows.net,1433;Authentication=ActiveDirectoryPassword" \

-d proven-success-test-db_2025-02-18T17-12Z \

-U "******@jamesrhizongmail402.onmicrosoft.com" \

-P "ToProveOrNotToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login timeout expired.

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : MAX_PROVS: Connection string is not valid [87]. .

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online..

azureuser@testVM:~$ nano ~/.odbc.ini

azureuser@testVM:~$ export ODBCINI=$HOME/.odbc.ini

azureuser@testVM:~$ echo $ODBCINI

/home/azureuser/.odbc.ini

azureuser@testVM:~$ sqlcmd -D AzureAD -U "******@jamesrhizongmail402.onmicrosoft.com" -P "ToProveOrNotToProve100!"

Sqlcmd: '-S': Missing Option. Enter '-?' for help.

azureuser@testVM:~$ sqlcmd -S AzureAD -U "******@jamesrhizongmail402.onmicrosoft.com" -P "ToProveOrNotToProve100!"

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : Login timeout expired.

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : TCP Provider: Error code 0x2AFA.

Sqlcmd: Error: Microsoft ODBC Driver 17 for SQL Server : A network-related or instance-specific error has occurred while establishing a connection to SQL Server. Server is not found or not accessible. Check if instance name is correct and if SQL Server is configured to allow remote connections. For more information see SQL Server Books Online..

azureuser@testVM:~$ nano ~/.odbc.ini

azureuser@testVM:~$ export ODBCINI=$HOME/.odbc.ini

azureuser@testVM:~$ nslookup proven-success-test.database.windows.net

Server: 127.0.0.53

Address: 127.0.0.53#53

Name: proven-success-test.database.windows.net

Address: 10.0.1.4

azureuser@testVM:~$ nc -zv proven-success-test.database.windows.net 1433

Connection to proven-success-test.database.windows.net (10.0.1.4) 1433 port [tcp/ms-sql-s] succeeded!

azureuser@testVM:~$ echo $ODBCINI

/home/azureuser/.odbc.ini

azureuser@testVM:~$ isql -v AzureAD "******@jamesrhizongmail402.onmicrosoft.com" "ToProveOrNotToProve100!"

[S1T00][unixODBC][Microsoft][ODBC Driver 17 for SQL Server]Login timeout expired

[FA004][unixODBC][Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Failed to authenticate the user '******@jamesrhizongmail402.onmicrosoft.com' in Active Directory (Authentication option is 'ActiveDirectoryPassword').

Error code 0xA190; state 41360

AADSTS50034: The user account {EUII Hidden} does not exist in the acaca398-8329-46bb-a322-34c99669762b directory. To sign into this application, the account must be added to the directory. Trace ID: 8d46495b-4a07-49f6-b158-2ed363eb6b00 Correlat

[CE275][unixODBC][Microsoft][ODBC Driver 17 for SQL Server][SQL Server]Error requesting access token, HTTP status 400, expected 200

[08001][unixODBC][Microsoft][ODBC Driver 17 for SQL Server]TCP Provider: Timeout error [258].

[08001][unixODBC][Microsoft][ODBC Driver 17 for SQL Server]Unable to complete login process due to delay in login response

[ISQL]ERROR: Could not SQLConnect

Azure Container Apps
Azure Container Apps
An Azure service that provides a general-purpose, serverless container platform.
562 questions
Accepted answer
  1. Ryan Hill 29,846 Reputation points Microsoft Employee
    2025-03-06T00:17:10.93+00:00

    Hey @James Hizon

    Thanks for connecting with offline. We were able to successfully configure a managed identity using a Web App for Container instance of your docker image. This got you unblocked and verified that the code changes for using a managed identity works.

    As discussed, I'll look into getting this working from the container app side of things and update this post so you that you can make best the decision of which service to use as discussed on https://learn.microsoft.com/en-us/azure/container-apps/compare-options.

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.