Starting December 3, join live sessions with database experts and the Microsoft product team to learn just how easy it is to get started
Learn moreGet certified in Microsoft Fabric—for free! For a limited time, get a free DP-600 exam voucher to use by the end of 2024. Register now
Regardless of the complexity of SSO we still have customers that want to "secure" everything they do with constrained delegation and in some instances see it as a show stopper. Is there any plan to bring this into the product?
Thanks, James
Waow, this is a very interesting question.
I suppose that they want to use KCD in regard to their on-premises data sources otherwise I don't see it makes sense.
And the only on-premises data source that there truely is right now is SSAS Tabular, which supports and uses the EffectiveUserName property.
The EffectiveUserName property is a real Kerberos "killer" as it push the username down to the data source eliminating the need for delegating credentials. This way you get row level security without the need for setting up KCD.
If it becomes supported you will still need to setup Azure AD and Azure AD Application Proxy and then use an Azure AD Application proxy connector on you on-prem side. If these are 2 different domains you will have even more challenges before it works.
So for now, I will stay with the EffectiveUserName property if it's a viable solution for you.
Cheers
Régis
Starting December 3, join live sessions with database experts and the Fabric product team to learn just how easy it is to get started.
March 31 - April 2, 2025, in Las Vegas, Nevada. Use code MSCUST for a $150 discount! Early Bird pricing ends December 9th.
User | Count |
---|---|
25 | |
12 | |
12 | |
11 | |
8 |
User | Count |
---|---|
42 | |
27 | |
14 | |
13 | |
13 |