Azure Data Studio Version:
Version: 1.27.0 (system setup)
Commit: 765c7064d46253d88393e0e1ff78874b6fe8fa64
Date: 2021-03-16T21:24:59.168Z (1 wk ago)
VS Code: 1.51.0
Electron: 9.4.3
Chrome: 83.0.4103.122
Node.js: 12.14.1
V8: 8.3.110.13-electron.0
OS: Windows_NT x64 10.0.19042
Steps to Reproduce:
Azure SQL, create users based on AD groups (e.g. Create user [db-readers] FROM EXTERNAL PROVIDER; grant roles as appropriate)
Add team member to that group in Azure AD.
They connect to DB with ADS using Azure AD authentication and are able to log in and do their stuff 👍
Add the team member to an elevated privilege group (e.g. db writers) in Azure AD
Disconnect and reconnect to the Server/DB and try and modify data - fails 👎
AD account has to be removed in ADS and re-added to pick up new permissions.
We are currently manually doing the group membership changes in AD but will be looking at using PIM in future so would hope this scenario would work out of the box.
Steps to Reproduce:
We are currently manually doing the group membership changes in AD but will be looking at using PIM in future so would hope this scenario would work out of the box.
Are we doing something wrong?