Post reply

Arc Enabled SQL Server

  • October 3, 2025 at 2:52 pm

    #4664562

    Just saw the "Azure Extension for SQL Server"

    Does anyone has experience with it?

    The entra-id authentication sounds interesting

  • October 4, 2025 at 3:10 pm

    #4665216

    Thanks for posting your issue and hopefully someone will answer soon.

    This is an automated bump to increase visibility of your question.

  • October 30, 2025 at 9:54 am

    #4679153

    Hey Jo,

    Yeah, I’ve played around a bit with the Azure extension for SQL Server (aka Arc-enabled SQL Server). It’s actually pretty slick if you want to bring your on-prem SQL Servers into Azure for centralized stuff — like policy enforcement, billing, or security insights.

    The Entra ID authentication part (formerly Azure AD) is especially nice if you’re on SQL 2022 or newer — you can let users connect using their Entra accounts instead of traditional SQL logins. Works on Windows and Linux too. I tried it on a standalone 2022 box and it worked smoothly once I set up the Entra admin from the Azure portal.

    Some quick notes:

    1. Your SQL box needs outbound access to Azure (obviously).

      2. FCIs aren’t supported for Entra login yet.

      3. The Arc agent handles most of the magic, so onboarding is pretty easy if you’re familiar with Azure Arc already.

      4. Newer SQL builds (like SQL 2025 preview) have added stuff like managed identities via Arc too — handy for automation.

      Happy to share more if you’re trying it out on a real setup.

    Chandan

  • October 30, 2025 at 9:56 am

    #4679154

    You must set an Entra admin for that SQL instance

     

    This is the person (or group) who’s allowed to log in using Entra ID. You do this in the Azure portal, on the Arc-enabled SQL Server resource.

     

    Think of it like the first Entra user who’s allowed to open the door.

     

    Once Entra login is enabled, you can:

     

    Use CREATE USER [someone@domain.com] FROM EXTERNAL PROVIDER;

     

    Assign roles/permissions (db_datareader, db_owner, etc.)

     

    This is just like managing regular logins — but with Entra identities.

  • October 30, 2025 at 10:00 am

    #4679156

    your SQL Server is on-premises (i.e., not hosted in Azure), once you onboard it using Azure Arc, it becomes a resource in Azure. That’s what allows you to set Microsoft Entra ID (Azure AD) authentication

    Also just enabling Entra ID doesn’t mean anyone with an Azure AD account can connect. You must explicitly give them access (either in Azure or inside SQL).

  • October 30, 2025 at 10:20 am

    #4679168

    Thanks Chandan Shukla for the extensive answer. That was the info I was looking for.

Viewing 6 posts - 1 through 6 (of 6 total)

You must be logged in to reply to this topic. Login to reply