Share via

Wrong user/pass in azure powershell when granting permissions to the managed identity for SQL access

sdf sdfgs 20 Reputation points
2025-10-29T15:42:05.6233333+00:00

Hi, I am uploading an app that uses sql to azure.

I have already uploaded the app, when accesing its URL I get a "App is running and waiting for content"

In order to provide an sql db to the app, i am following this tutorial:
https://free.blessedness.top/en-us/azure/app-service/tutorial-connect-msi-sql-database

I am at the step linked "Grant permission to the managed identity". The user I provide is the one displayed as "userPrincipalName": "XXXXXX" when using the command "az ad user list". It is the only one on the list. It has a reference to the email of my microsoft live account. I didn't create this entry manually, so I assume the password is the same as my microsoft live account.

When running the command, the password is requested. I provide my microsoft live account pass and I get this output:

Sqlcmd: Error: Microsoft ODBC Driver 18 for SQL Server : Failed to authenticate the user 'XXXXXXXXXXXXXX' in Active Directory (Authentication option is 'ActiveDirectoryPassword').
Error code 0xA190; state 41360
AADSTS50126: Error validating credentials due to invalid username or password. Trace ID: 5fc9bc68-4714-4931-8591-b4bc8ceb0e00 Correlation ID: 537b90c5-361a-4443-9979-c3ab0076ba41 Timestamp: 2025-10-29 14:42:34Z.
Sqlcmd: Error: Microsoft ODBC Driver 18 for SQL Server : Error requesting access token, HTTP status 400, expected 200.
Sqlcmd: Error: Microsoft ODBC Driver 18 for SQL Server : TCP Provider: Error code 0x68.
Sqlcmd: Error: Microsoft ODBC Driver 18 for SQL Server : Communication link failure.

I have tried loging off and in again using this password, it works on this site.

I have also tried to access the user through the azure web menu: Start > Default directory > Users
I can see the user there and thre is a "reset the password" button, but when I try to use it I get "[username] is a Microsoft account managed by the user, only [username] can reset the password of this account". Said "username" matches the userPrincipalName I get from the CLI.

Am I mixing up accounts? How can I get my app to access the azure sql?

Azure SQL Database
0 comments
Answer accepted by question author
  1. Aryan Parashar 2,005 Reputation points Microsoft External Staff Moderator
    2025-10-30T10:16:40.49+00:00

    Hi sdf sdfgs,

    Thankyou for posting this on Microsoft QNA.
    Please follow the below steps to resolve this issue:

    The error AADSTS50126: Error validating credentials due to invalid username or password indicates that the Active Directory authentication request failed because the provided credentials were incorrect or not recognized by Microsoft Entra ID.

    To find the correct username and reset a password. Here is the relevant documentation: https://free.blessedness.top/en-us/windows-server/identity/ad-ds/manage-user-accounts-in-windows-server

    Alternatively, to connect an App Service app to a SQL Database on behalf of the signed-in user, refer to this guide: https://free.blessedness.top/en-us/azure/app-service/tutorial-connect-app-access-sql-database-as-user-dotnet

    Feel free to accept this as an answer.
    Thankyou for reaching out to The Microsoft QNA Portal.

    1 person found this answer helpful.
    0 comments

1 additional answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. hossein jalilian 13,125 Reputation points Volunteer Moderator
    2025-10-29T23:56:20.71+00:00

    Thanks for posting your question in the Microsoft Q&A forum.

    The error happens because Azure SQL’s ActiveDirectoryPassword authentication doesn’t support personal Microsoft accounts (like Outlook or Hotmail). It only works with Azure AD work or school accounts. To fix it, create or use an Azure AD user, set that account as the SQL Server’s Active Directory admin, and run your PowerShell or CLI commands using that AAD account instead of your personal Microsoft login.

    Please don't forget to close up the thread here by upvoting and accept it as an answer if it is helpful

    1 person found this answer helpful.
    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.