Using Data Lake Analytics Linked Service Service Principal Authentication in Data Factory

1
votes

Trying to add a compute node to ADF (v1), using Azure Data Lake Analytics Linked Service to make some simple u-sql jobs. Data Lake Store Linked Service is already in place and working with service principle authentication, but I can't deploy ADLA linked service with servicePrincipalId and Key.

As per this article, ADLA Linked Service supports service principle authentication for some time now: https://docs.microsoft.com/en-us/azure/data-factory/v1/data-factory-usql-activity#azure-data-lake-analytics-linked-service

The intellisense tells me the parameters are not valid and insists on user credential. Here's a screenshot:

ADF Portal Editor ADLA-ls

(Same warnings in visual studio data factory project btw.)

When I deploy with SPN anyway, I get the error "Entity provisioning failed: Internal Server Error".

Anyone successfully use service principle auth with ADLA linked service?

2
azureazure-data-factoryazure-data-lake
I have the same issue. SP auth is only accepted for data lake storage in ADFv1. I currently have an open support ticket with Microsoft about it.Paul Andrew
@PaulAndrew, are you using User Credential auth in the meantime, or do you have any different workaround?grayincarnation
using user session and tokens in the meantime.Paul Andrew

2 Answers

1
votes

It works for me using the following settings:

{
  "name": "datalakeanalyticsinstanceLinkedService",
  "properties": {
    "type": "AzureDataLakeAnalytics",
    "typeProperties": {
      "accountName": "datalakeanalyticsinstance",
      "servicePrincipalId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx",
      "servicePrincipalKey": "abcdefghijklmopqrstuvwxyz123456780",
      "tenant": "mytenant.onmicrosoft.com"
    }
  }
}

Also make sure you've run the "Add User Wizard" from Data Lake Analytics. Using this wizard I added the service principal as an Owner with R+W permissions.

Edit: This blog post was just published with many details on Serivce Principal authentication

1
votes

After a couple of weeks of frustration, suddenly this issue resolved itself.

Adding SP via the "Add Users Wizard" from ADLA is certainly a must for any data lake related pipelines, as @Simon suggested. Other than that @Paul's blog clearly explains the process.

The fact that my pipeline suddenly started working at exactly midnight and hasn't failed since, makes me think ADF has recently got some bugs fixed. So until ADFv2 is fully GA, I suggest deploying the linked services over and over again, or better yet (and more frustrating) deploying new pipelines and services from scratch.