Share via

Why can't I get a Connection from SqlConnect() on my PC to Azure SQL Database?

Mark Siminski 0 Reputation points
2025-08-28T17:10:04.33+00:00

I am new to Azure. I have created an Azure SQL Database. I can access the database with SMSS and look through the database using MicrosoftEntraPassword or MicrosoftEntraIntegrated. When I use my application running on same host as SMSS it fails.

var builder = new SqlConnectionStringBuilder
{
    DataSource               = "estimator1.database.windows.net",
    //UserID                 = "******@arcticair4me.com",
    //Password               = "xxxxxxxxx",
    InitialCatalog           = "dbEstimator",
    Authentication           = SqlAuthenticationMethod.ActiveDirectoryIntegrated,
    ConnectTimeout           = 60,
    MultipleActiveResultSets = false,
    Encrypt                  = true,
    PersistSecurityInfo      = false,
    TrustServerCertificate   = false
};
try
{
    var connectionString = builder.ConnectionString;
    await using SqlConnection Connection = new ( connectionString );

Connection = DesignMode = false, ServerVersion = {"Invalid operation. The connection is closed."}, State = Closed

I have no clue what I am doing wrong and have spent days looking at permissions and tons of other setting with no solution. It would be helpful if I knew what Error was occurring in the SqlConnection but I haven't figured out how to get that yet.

I have run the AzureSQLConnectivityChecker and what I get back from it isn't helping either:

######################################################
SUMMARY:
######################################################
 Found DNS record in DNS server (IP Address:20.51.9.131)
 Found DNS record in Open DNS (IP Address:20.51.9.131)
 Connectivity to login.windows.net:443 succeeded (used for AAD Password and Integrated Authentication)
 Connectivity to login.microsoftonline.com:443 succeeded (used for AAD Universal with MFA authentication)
 Connectivity to secure.aadcdn.microsoftonline-p.com:443 succeed (used for AAD Universal with MFA authentication)
 Login against database master failed for user '******@arcticair4me.com@estimator1.database.windows.net'

######################################################
RECOMMENDED ACTION(S):
######################################################
 Login against database master failed for user '******@arcticair4me.com@estimator1.database.windows.net'
 This error indicates that the login request was rejected, the most common reasons are:
 - Incorrect or empty password: Please ensure that you have provided the correct password.
 - Database does not exist: Please ensure that the connection string has the correct database name.
 - Insufficient permissions: The user does not have CONNECT permissions to the database. Please ensure that the user is granted the necessary permissions to login.
 - Connections rejected due to DoSGuard protection: DoSGuard actively tracks failed logins from IP addresses. If there are multiple failed logins from a specific IP addre
ss within a period of time, the IP address is blocked from accessing any resources in the service for a pre-defined time period even if the password and other permissions

It could be insufficient permissions or DosGuard. Can't find either. Any help would certainly be appreciated.

Mark

Azure SQL Database

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. John Burkholder 0 Reputation points
    2025-08-28T20:34:43.8766667+00:00

    Hi Mark, thanks for the detailed breakdown—you're definitely on the right track. Since you're able to connect via SSMS using Microsoft Entra Integrated or Password authentication, but your app fails using SqlConnect() with ActiveDirectoryIntegrated, the issue likely stems from one of the following:

    🔍 Key Areas to Check

    ✅ 1. Authentication Method Compatibility

    • ActiveDirectoryIntegrated requires:
      • The app to run under a domain-joined Windows account.
        • Azure AD joined or hybrid joined machine.
          • SSO (Single Sign-On) to be enabled.
          • If your machine is not domain-joined or not Azure AD joined, this method will fail silently.

    Try switching to:

    Authentication = SqlAuthenticationMethod.ActiveDirectoryPassword

    and explicitly provide UserID and Password.

    ✅ 2. Connection String Format

    Make sure your connection string is correctly formatted. Here's a working example using ActiveDirectoryPassword:

    var builder = new SqlConnectionStringBuilder
{
    DataSource = "estimator1.database.windows.net",
    InitialCatalog = "dbEstimator",
    UserID = "******@yourdomain.com",
    Password = "yourpassword",
    Authentication = SqlAuthenticationMethod.ActiveDirectoryPassword,
    Encrypt = true,
    TrustServerCertificate = false
};

    ✅ 3. Error Handling

    To get the actual error message, wrap your connection logic in a try-catch block:

    try
{
    using var connection = new SqlConnection(builder.ConnectionString);
    await connection.OpenAsync();
    Console.WriteLine("Connection successful!");
}
catch (SqlException ex)
{
    Console.WriteLine($"SQL Error: {ex.Message}");
}
catch (Exception ex)
{
    Console.WriteLine($"General Error: {ex.Message}");
}

    ✅ 4. DoSGuard Protection

    If you've had multiple failed login attempts, DoSGuard may temporarily block your IP. You can:

    • Wait ~15–30 minutes and retry.
    • Try from a different network or IP.
    • Check Azure SQL logs for blocked IPs.

    ✅ 5. Firewall and Network Rules

    Even though SMSS works, double-check:

    • Azure SQL firewall rules allow your public IP.
    • No NSG or local firewall is blocking outbound traffic from your app.
    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.