Versions Compared

Old Version 2

changes.mady.by.user Nadja Pollard

Saved on

compared with

New Version 3

changes.mady.by.user Nadja Pollard

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

However, you must grant the Azure SQL Database permissions to read the Microsoft Entra ID. For more information regarding this matter, please refer to the Azure portal section of the Authorize server and database access using logins and user accounts article.

Multi-Factor Authentication

Connecting SQL Diagnostic Manager to your environment does not support service accounts requiring Multi-Factor Authentication (MFA), as continuous connection is required for service collection accounts. 
It is recommended to use generalized service accounts for configuring connection credentials rather than accounts directly linked to users. 

Info

For environments that require MFA for Entra ID users, a service account can be excluded from the MFA requirement by using an exclusion for conditional access. For guidance on how to set up exclusions for MFA, review the Use access reviews to manage users excluded from Conditional Access Policies article on Microsoft Docs.

Firewall

Keep in mind that the Microsoft Azure SQL Database is protected by a firewall, safeguarding access to your data when you create a new Azure Database. For more information on Azure SQL Firewall and how to configure it, please refer to this Microsoft documentation.
That is why it is important to allowlist the IP address of the server hosting the SQL Diagnostic Manager monitoring service via the Azure Portal.

How to select an Azure Profile?

...

  1. Click the Azure Discovery Settings button.
  2. In case you have already created an Azure profile, select it from the Select an Azure Profile dropdown. Otherwise, create a new one.
    Image Removed
  3. Click OK to save your configuration.
  4. Select a server to monitor.
  5. Select the instances to monitor.

...

  1. Click the New button in the Application Profiles section.Image Removed
  2. Choose a Profile Name and Description for your Azure profile from the Azure Application Profile wizard.Image Removed
  3. Select an Azure Subscription from the subscription dropdown, otherwise, click New and complete the following fields with the application information:
    1. Subscription ID*
    2. Description
      Image Removed
      Info(*) This information is mandatory. To get it from your application, follow the steps outlined in the How to get Azure Profile components? section.
  4. Click OK to save your Subscription information.
  5. Select an Azure Application from the application dropdown, otherwise, click New and complete the following fields with the application information:
    1. Application name
    2. Tenant ID*
    3. Client ID* 
    4. Secret value*
    5. Description of the Azure application
      Image Removed
      info

      (*) This information is mandatory. To get it from your application, follow the steps outlined in the How to get Azure Profile components? section.

  6. Click OK to save your Subscription information. Review all your information. When you finish, the wizard should look like this image.
    Image Removed
  7. Click OK to save your Azure Application Profile.
  8. Click Close to close the Azure Profiles Configuration wizard.
  9. In the Azure Application configuration, select the Azure Profile you just created from the Select Azure Profile dropdown.Image Removed
  10. Select the instances to monitor.

...

How to get Azure Profile components?

If you do not know how to obtain your application information, such as your subscription ID, tenant ID, client ID, and secret value, we have outlined the following steps to get them.

...

  1. Log in to the Azure Portal.
  2. Get the Subscription ID by searching Subscriptions in the search bar.
  3. Copy and save the Subscription ID in a notepad or secure file.Image Removed

Get your Tenant ID

  1. Log in to the Azure Portal.
  2. Select the Microsoft Entra ID service.
    Image Removed
  3. Copy and save the Tenant ID from the Overview tab.
    Image Removed

Get your Client ID and Secret Value

  1. Log in to the Azure Portal.
  2. Select the Microsoft Entra ID service.Image Removed

  3. Navigate to the Manage node from the left side menu and select App Registration.

  4. After the creation of the app, we need to apply the Reader role to the app under Subscription > IAM > Role Assignment.
    Image Removed

  5. If you have already created your Owned App, select it, and the Overview page will display the Client ID.
    Image Removed

  6. Copy and save it.

  7. Click the secret hyperlink to obtain your Secret value if you have already created it. In case you need a secret value, you can create a new one.

  8. Copy and save your Secret Value.Image Removed

  9. Otherwise, you can create a new one.

...

Create a Client Secret

In case you do not have the Secret ID or you have lost it, follow the steps below: 

  1. Navigate through the Manage node to the Certificates & secrets option from the Overview tab of your Owned App.
  2. Click the New client secret option.Image Removed
  3. Choose a description, select an expiration time from the dropdown menu, and click Add.
  4. Copy and save the Secret ID.
    Image Removed


Scroll pdf ignore
Newtabfooter
aliasIDERA
urlhttp://www.idera.com
Newtabfooter
aliasProducts
urlhttps://www.idera.com/productssolutions/sqlserver
Newtabfooter
aliasPurchase
urlhttps://www.idera.com/buynow/onlinestore
|
Newtabfooter
aliasSupport
urlhttps://idera.secure.force.com/
|
Newtabfooter
aliasCommunity
urlhttp://community.idera.com
|
Newtabfooter
aliasResources
urlhttp://www.idera.com/resourcecentral
|
Newtabfooter
aliasAbout Us
urlhttp://www.idera.com/about/aboutus
|
Newtabfooter
aliasLegal
urlhttps://www.idera.com/legal/termsofuse