我无法在 Azure 门户中或使用 Cloud Shell 将 Active Directory 管理员添加到新创建的 SQL 托管实例。
当我在 Azure 门户中尝试时,操作失败并在活动日志中显示以下消息:
Operation name: Update Administrator of Azure SQL Managed Instance. Create
Time stamp: Sun Nov 17 2019 xxxxx
Event initiated by: Admin A
Error code: ResourceOperationFailure
Message: The resource operation completed with terminal provisioning state 'Failed'.
运行以下命令时:
Set-AzSqlInstanceActiveDirectoryAdministrator -ResourceGroupName "myResourceGroupName" -InstanceName "myInstaceName" -DisplayName "Chris Green" -ObjectId "xxx-xxxx-xxx-xxxx"
我收到以下错误...
Set-AzSqlInstanceActiveDirectoryAdministrator : Long running operation failed with status 'Failed'. Additional Info:'The operation timed out and automatically rolled back. Please retry theoperation.'
At line:1 char:1
+ Set-AzSqlInstanceActiveDirectoryAdministrator -ResourceGroupName "NWN ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : CloseError: (:) [Set-AzSqlInstanceAc\u2026ectoryAdministrator], CloudException
+ FullyQualifiedErrorId : Microsoft.Azure.Commands.Sql.InstanceActiveDirectoryAdministrator.Cmdlet.SetAzureSqlInstanceActiveDirectoryAdministrator
我能够将活动目录管理员分配给同一订阅中先前创建的 SQL 托管实例。我尝试过的其他一些事情:
- 尝试了几个具有更高级别权限的不同用户
- 尝试使用当前是另一个托管实例的管理员的同一用户
- 通过扩大然后再缩小重新启动实例
如何进一步解决此问题?日志中的某处可能有更具体的信息吗?是否有任何 SQL/Powershell 命令可以进一步诊断故障?
这是我用作参考的文章的链接: https ://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication-configure#provision-an-azure-您的托管实例的活动目录管理员