Ganesh Chauhan, Technical Support Specialist, Microsoft Azure.
With the most recent release of the SQL server tools, we added support for token-based authentication (Universal authentication) with MFA for SQL DB and DW tools.
The subsequent SQL Server tools have been improved by introducing new features:
In SSMS 17.2, the following features are supported:
- Multiple-user Azure AD authentication for support of multiple authentication factors (authentication option: Active Directory – Universal with MFA). For the Universal authentication with the MFA approach, a new user credential input field was introduced to facilitate multi-user authentication. My Account @ Gmail is the user name, as shown below
- SQL DB and DW support Azure AD MFA Conditional Access (CA).
- Using MFA and universal authentication, the DacFx wizard exports and imports databases.
- The version of the ADAL-managed library used by Universal authentication with MFA has been updated to 3.13.9.
- Support for MFA and Universal Authentication in Object Explorer.
- For Azure AD guest users, which include Microsoft accounts like hotmail.com, outlook.com, and live.com as well as non-Microsoft accounts like gmail.com, SSMS 17.0 release supports “Azure domain name or tenancy ID” in Connection Properties. AAD domain name is listed below as aadtest.onmicrosoft.com.
- Updated SQLPackage.exe supports MFA and universal authentication.
- Universal authentication with MFA is supported by the DacFx API.
Additionally, a new CLI interface for SQL DB/DW that was released separately now allows setup procedures for Azure AD SQL administrators.