You have a hybrid configuration of Azure Active Directory (Azure AD) that has Single Sign-On (SSO) enabled. You have an Azure SQL Database instance that is configured to support Azure AD authentication.
Database developers must connect to the database instance from the domain joined device and authenticate by using their on-premises Active Directory account.
You need to ensure that developers can connect to the instance by using Microsoft SQL Server Management Studio. The solution must minimize authentication prompts.
Which authentication method should you recommend?
Click on the arrows to vote for the correct answer
A. B. C. D.D
Active Directory - Integrated -
Azure Active Directory Authentication is a mechanism of connecting to Microsoft Azure SQL Database by using identities in Azure Active Directory (Azure AD).
Use this method for connecting to SQL Database if you are logged in to Windows using your Azure Active Directory credentials from a federated domain.
https://docs.microsoft.com/en-us/sql/ssms/f1-help/connect-to-server-database-engine?view=sql-server-2017 https://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication-configureBased on the requirements of the scenario, you have a hybrid configuration of Azure Active Directory (Azure AD) with Single Sign-On (SSO) enabled. You also have an Azure SQL Database instance that is configured to support Azure AD authentication. The developers must connect to the database instance from the domain-joined device and authenticate using their on-premises Active Directory account. The solution must minimize authentication prompts.
In this scenario, the best authentication method to recommend is Active Directory - Integrated (option D). This option provides a seamless and secure way to connect to Azure SQL Database using Azure AD authentication. With Active Directory - Integrated, the user's credentials are automatically passed to the SQL Database instance without the need for a separate authentication prompt.
Here are some key benefits of using Active Directory - Integrated for Azure SQL Database:
Seamless authentication: With Active Directory - Integrated, users are authenticated automatically, which minimizes the need for separate authentication prompts.
Security: Active Directory - Integrated uses Kerberos authentication, which provides strong security for user authentication.
Single Sign-On (SSO): With Active Directory - Integrated, users can sign in once and then access multiple resources without the need to re-authenticate.
Centralized management: Active Directory - Integrated allows for centralized management of user accounts, making it easier to manage and secure user access to resources.
In contrast, Active Directory - Password (option A) requires users to enter their password each time they connect to the SQL Database instance. This approach is less secure and can result in password fatigue for users. Active Directory - Universal with MFA support (option B) is a good option for securing access to resources, but it may require additional steps for users to authenticate and can be more complex to set up. SQL Server Authentication (option C) is also a valid option, but it requires a separate username and password for each user, which can be challenging to manage and less secure than using Azure AD authentication.
Overall, Active Directory - Integrated provides the most secure, seamless, and manageable option for authenticating users to Azure SQL Database in a hybrid Azure AD environment with SSO enabled.