Microsoft Azure SQL Data Warehouse V2 Connector Guide > Introduction to Microsoft Azure SQL Data Warehouse V2 Connector > Administration of Microsoft Azure SQL Data Warehouse V2 Connector

Administration of Microsoft Azure SQL Data Warehouse V2 Connector

As a user, you can use Microsoft Azure SQL Data Warehouse Connector after the organization administrator performs the following tasks:

•Ensures that users have access to the Secure Agent directories that contain the success and error files. This directory path must be the same on each Secure Agent machine in the runtime environment.
•Obtains the JDBC URL from Microsoft Azure SQL Data Warehouse.
•If you have an existing Microsoft Azure SQL Data Warehouse connection, apply the latest SDKPatch. To get the latest SDKPatch, contact Informatica Global Customer Support.
•Verify that either the db_owner privilege or the following more granular privileges are granted to the user to connect to the Microsoft Azure SQL Data Warehouse and perform read and write operations successfully:

- EXEC sp_addrolemember 'db_datareader', '<user>'; // Alternately assign permission to individual table
- EXEC sp_addrolemember 'db_datawriter', '<user>'; // Alternately assign permission to individual table
- GRANT ALTER ANY EXTERNAL DATA SOURCE TO <user>;
- GRANT ALTER ANY EXTERNAL FILE FORMAT TO <user>;
- GRANT CONTROL TO <user>;
- GRANT CREATE TABLE TO <user>;
- Assign required privileges for tasks performed through Pre-SQL and Post-SQL commands.

Azure Active Directory Authentication

You can configure Azure Active Directory (AAD) authentication to connect to Microsoft Azure SQL Data Warehouse. Default is Microsoft SQL Server authentication.

To configure the AAD authentication, perform the following tasks:

Import Server Certificate

Applicable if you want to use AAD authentication with Active Directory Federation Services in Azure. Import the server certificate to the <Secure Agent installation directory>\jre\lib\security\cacerts file. Use the following command:

keytool -import -trustcacerts -alias <alias name of the certificate> -file <certificate file path> -keystore <Secure Agent installation directory>\jre\lib\security\cacerts -storepass <password for the truststore>

Note: You cannot run a task on a Hosted Agent, if Active Directory Federation Services is used for AAD authentication.

Set Admin

Perform the following steps to set admin between Microsoft SQL Server that has the Microsoft Azure SQL Data Warehouse hosted and the Azure Active Directory:

1. Log on to the Microsoft Azure portal using your credentials. The Dashboard page appears.
2. From the All Resources page, select the Microsoft SQL Server that has the Microsoft Azure SQL Data Warehouse hosted.

3. Select the Active Directory admin option under Settings displayed for the Microsoft SQL Server. The image shows the Active Directory admin settings: This image shows the Set admin option for Azure Active Directory.

This image shows the Set admin option for Azure Active Directory.

4. Click Set admin. The Add admin page appears.
5. Enter the email ID that you want to use as admin and click Select.
6. Click Save.

Create a User

Perform the following steps to create a user:

1. Connect to the Microsoft Azure SQL Data Warehouse using the Azure Active Directory admin created in the previous steps. You can use Microsoft SQL Server Management Studio to connect to the Microsoft Azure SQL Data Warehouse.
2. Type and run the following command to create a user: create user [user@foobar.com] from external provider;

For more information, see Microsoft Azure documentation.

3. Assign the required privileges to the user.

Configure the JDBC URL and the user you created in connection properties to enable AAD authentication.