
Lesson Learned #293: Common errors connecting to Azure SQL DB using Azure Active Directory



Guest Jose_Manuel_Jurado
Posted

In some situations, as described in Additional Endpoints Required for AAD Authentication and CRL Checks for Azure SQL DB - Microsoft Community Hub, we faced connectivity problems reaching the different AAD endpoints or opening outbound port 443.

I would like to share my lessons learned, based on the error codes and messages seen for this issue:

  • Unable to acquire authorization token: No connection could be made because the target machine actively refused it x.x.x.x:443
    • The service located on port 443 is not responding or a firewall is blocking the port 443 or the IP.

  • Unable to acquire authorization token: An attempt was made to access a socket in a way forbidden by its access permissions x.x.x.x:443
    • A firewall is blocking the port 443 or the IP.

  • Unable to acquire authorization token: Object reference not set to an instance of an object.
    • The service located on port 443 is not responding or a firewall is blocking the port 443 or the IP.

  • Error code 0xA190; state 41360 - The requested URL was rejected. SAML token not found in response.
    • A proxy server or firewall is rejecting access to the AAD endpoints needed.

Also, in some cases, we could

  • If the domain of the user, for example, username@domain.com, is not found or invalid.
    • Error code 0xCAA90018; state 10 - Could not discover a user realm..

  • If the domain doesn't exist.
    • Error code 0xCAA9003B; state 10 - ADAL received an empty response from the server during a WIA flow and could not continue..

  • If the user doesn't exist in the domain specified.
    • Error code 0xCAA20003; state 10 - ID3242: The security token could not be authenticated or authorized..

  • If your Azure Active Directory administrator only allows an MFA connection.
    • Error code 0xCAA2000C; state 10 - AADSTS50076: Due to a configuration change made by your administrator, or because you moved to a new location, you must use multi-factor authentication to access '022907d3-0f1b-48f7-badc-1ba6abab6d66'.

Enjoy!
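Added example, not part of the original post: a small TCP probe that reproduces the first two conditions above outside the SQL driver, so you can tell a refused connection from a forbidden socket before looking at the identity errors. The mapping to Winsock codes 10061 and 10013 is the standard one for those two messages; the function name, verdict labels and timeout are assumptions of this sketch, and the hosts to test are passed on the command line.

```python
import errno
import socket
import sys

# Winsock codes behind the first two messages in the post, plus POSIX equivalents.
REFUSED = {10061, errno.ECONNREFUSED}           # "actively refused it"
FORBIDDEN = {10013, errno.EACCES, errno.EPERM}  # "forbidden by its access permissions"


def probe(host, port=443, timeout=3.0):
    """Try a TCP connect to host:port and return (verdict, detail)."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror as exc:
        return ("dns-failure", str(exc))
    result = ("unreachable", "no address returned")
    for family, socktype, proto, _name, addr in infos:
        target = f"{addr[0]}:{addr[1]}"
        with socket.socket(family, socktype, proto) as sock:
            sock.settimeout(timeout)
            try:
                sock.connect(addr)
                return ("open", target)
            except socket.timeout:
                # Not one of the post's messages: silent drops show up as a timeout.
                result = ("timeout", f"{target}: no answer within {timeout}s")
            except OSError as exc:
                code = getattr(exc, "winerror", None) or exc.errno
                if code in REFUSED:
                    result = ("refused", f"{target}: service not responding or firewall blocking")
                elif code in FORBIDDEN:
                    result = ("forbidden", f"{target}: a firewall is blocking the port or the IP")
                else:
                    result = ("unreachable", f"{target}: {exc}")
    return result


if __name__ == "__main__":
    # Hosts come from the command line; take the endpoint list from the linked article.
    for name in sys.argv[1:]:
        verdict, detail = probe(name)
        print(f"{name}: {verdict} ({detail})")
```

Run it from the same machine and network path as the failing client, since the verdict reflects local firewall and proxy rules.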

 
