Skip to main content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Calling all Data Engineers! Fabric Data Engineer (Exam DP-700) live sessions are back! Starting October 16th. Sign up.

Reply
kvwielink
Frequent Visitor

Power BI On-premises gateway cannot connect to database with service principal

‎09-17-2024 10:58 AM

One of our clients uses Power BI with an on-premises gateway that is running on a VM within their virtual network. The Azure SQL database which contains the report data has public network access set to disabled. Only access through private endpoints is allowed. We discovered that the authorization of the Power BI gateway connections was still configured using OAuth 2.0 using personal user credentials. We are trying to switch this to using a service principal instead.

We have created a new service principal for this purpose in MS Entra and added it to the db_datareader role on the database. However, when we are trying to configure the connection in Power BI we get the error "Unable to create connection for the following reason: Unable to connect to the data source or the connection was forcibly closed". The full error is shown in this screenshot:

Wi4JK4Vw.png

To be sure the user was added correctly to the database, we temporarily switched public network access back on. When we then created a cloud connection instead of on-premises, the connection was successful so we know the principal works and the secret value is correct.

Any help as to why we are not able to configure this correctly when public access to the database is turned off would be greatly appreciated.

Labels:
Message 1 of 12
2,314 Views
0
1 ACCEPTED SOLUTION
kvwielink
Frequent Visitor

‎09-20-2024 12:02 AM

Just to update here as well, I've contacted support and they confirmed this is currently not possible, even though the option is showing in the selection drop down when setting up the connection. It is not possible to use a service principal when connecting through an on-premises data gateway within a private network.

Thanks for the help everyone.

View solution in original post

Message 12 of 12
2,111 Views
0
11 REPLIES 11
kvwielink
Frequent Visitor

‎09-20-2024 12:02 AM

Just to update here as well, I've contacted support and they confirmed this is currently not possible, even though the option is showing in the selection drop down when setting up the connection. It is not possible to use a service principal when connecting through an on-premises data gateway within a private network.

Thanks for the help everyone.

Message 12 of 12
2,112 Views
0
lbendlin
Super User
Super User

‎09-17-2024 03:17 PM

As the error message suggests you can open a Pro ticket at https://admin.powerplatform.microsoft.com/newsupportticket/powerbi
Otherwise you can raise an issue at https://community.fabric.microsoft.com/t5/Issues/idb-p/Issues .

Message 9 of 12
2,282 Views
0
kvwielink
Frequent Visitor
In response to lbendlin

‎09-18-2024 12:11 AM

Unfortunately that's not an option as I don't have a support plan available.

Message 10 of 12
2,258 Views
GilbertQ
Super User
Super User
In response to kvwielink

‎09-18-2024 05:38 PM

Did you try the link suggested from @lbendlin 





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 11 of 12
2,188 Views
0
GilbertQ
Super User
Super User

‎09-17-2024 03:07 PM

Hi @kvwielink 

 

Have you tried to log into your azure sql database by logging into the gateway virtual machine and then authenticating via the service principle to see if that works? The reason for this is to check to make sure that the gateway can access it with the service principle.





Did I answer your question? Mark my post as a solution!

Proud to be a Super User!







Power BI Blog

Message 2 of 12
2,284 Views
0
kvwielink
Frequent Visitor
In response to GilbertQ

‎09-18-2024 12:11 AM

Hi Gilbert,

 

How would I set about doing that? I can access the VM where the gateway is running but if I try to sign in on the On-prem data gateway the only option I see is to use an email address, not a service principal.

Message 3 of 12
2,259 Views
0
lbendlin
Super User
Super User
In response to kvwielink

‎09-18-2024 04:17 AM

That login has nothing to do with the operation of the gateway. It is not strictly required. (There is a bug that will prevent a new gateway version number to show up in the service until you log in, but that's it)

Message 4 of 12
2,246 Views
0
kvwielink
Frequent Visitor
In response to lbendlin

‎09-18-2024 05:15 AM

That's what I figured, but then I still don't understand how I'm supposed to test @GilbertQ 's comment.

Message 5 of 12
2,237 Views
0
lbendlin
Super User
Super User
In response to kvwielink

‎09-18-2024 05:19 AM

On the gateway VM install SSMS or ADS, and then attempt the login to the db via SP from that tool.

 

Message 6 of 12
2,235 Views
0
kvwielink
Frequent Visitor
In response to lbendlin

‎09-18-2024 09:50 AM

Thanks for the clarification. I am able to connect from that server in SSMS using the service principal Application ID and token. The same credentials still give the same error in the Power BI Gateway connection settings

Message 7 of 12
2,210 Views
0
lbendlin
Super User
Super User
In response to kvwielink

‎09-18-2024 03:13 PM

If you have a Pro license you can open a Pro ticket at https://admin.powerplatform.microsoft.com/newsupportticket/powerbi
Otherwise you can raise an issue at https://community.fabric.microsoft.com/t5/Issues/idb-p/Issues .

Message 8 of 12
2,195 Views
0

Helpful resources

Announcements
FabCon Global Hackathon Carousel

FabCon Global Hackathon

Join the Fabric FabCon Global Hackathon—running virtually through Nov 3. Open to all skill levels. $10,000 in prizes!

FabCon Atlanta 2026 carousel

FabCon Atlanta 2026

Join us at FabCon Atlanta, March 16-20, for the ultimate Fabric, Power BI, AI and SQL community-led event. Save $200 with code FABCOMM.

View All
Top Solution Authors
View All
Top Kudoed Authors
View All