Kerberos error on Mac

[sean256]

I'm pretty sure this is different than #141 as the exception is different.

• Azure Data Studio Version: 1.4.5
• OS: Mac OS X 10.14.3 (It also failed on 10.13.x before I updated and IIRC 10.12.x as well. It's never worked for me)

Note:

• My coworkers can and do connect to the same server using "Windows Authentication" using the same version of Azure Data Studio
• I verified that I have a kerberos ticket using klist
• I did run kinit anyway despite having a ticket
• It does not work on the latest insiders build

Error:

System.Data.SqlClient.SqlException (0x80131904): Cannot authenticate using Kerberos. Ensure Kerberos has been initialized on the client with 'kinit' and a Service Principal Name has been registered for the SQL Server to allow Kerberos authentication.
ErrorCode=InternalError, Exception=Interop+NetSecurityNative+GssApiException: GSSAPI operation failed with error -  An unsupported mechanism was requested (unknown mech-code 0 for mech unknown).
   at System.Net.Security.NegotiateStreamPal.GssInitSecurityContext(SafeGssContextHandle& context, SafeGssCredHandle credential, Boolean isNtlm, SafeGssNameHandle targetName, GssFlags inFlags, Byte[] buffer, Byte[]& outputBuffer, UInt32& outFlags, Int32& isNtlmUsed) in /xplat/cfxfork/corefx/src/Common/src/System/Net/Security/NegotiateStreamPal.Unix.cs:line 139
   at System.Net.Security.NegotiateStreamPal.EstablishSecurityContext(SafeFreeNegoCredentials credential, SafeDeleteContext& context, String targetName, ContextFlagsPal inFlags, SecurityBuffer inputBuffer, SecurityBuffer outputBuffer, ContextFlagsPal& outFlags) in /xplat/cfxfork/corefx/src/Common/src/System/Net/Security/NegotiateStreamPal.Unix.cs:line 169
   at System.Data.SqlClient.SNI.SNIProxy.GenSspiClientContext(SspiClientContextStatus sspiClientContextStatus, Byte[] receivedBuff, Byte[]& sendBuff, Byte[] serverName) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/SqlClient/SNI/SNIProxy.cs:line 152
   at System.Data.SqlClient.SNI.TdsParserStateObjectManaged.GenerateSspiClientContext(Byte[] receivedBuff, UInt32 receivedLength, Byte[]& sendBuff, UInt32& sendLength, Byte[] _sniSpnBuffer) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/SqlClient/TdsParserStateObjectManaged.cs:line 241
   at System.Data.SqlClient.TdsParser.SNISSPIData(Byte[] receivedBuff, UInt32 receivedLength, Byte[]& sendBuff, UInt32& sendLength) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/SqlClient/TdsParser.cs:line 6488
   at System.Data.SqlClient.SqlInternalConnectionTds..ctor(DbConnectionPoolIdentity identity, SqlConnectionString connectionOptions, SqlCredential credential, Object providerInfo, String newPassword, SecureString newSecurePassword, Boolean redirectedUserInstance, SqlConnectionString userConnectionOptions, SessionData reconnectSessionData, Boolean applyTransientFaultHandling, String accessToken) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/SqlClient/SqlInternalConnectionTds.cs:line 400
   at System.Data.SqlClient.SqlConnectionFactory.CreateConnection(DbConnectionOptions options, DbConnectionPoolKey poolKey, Object poolGroupProviderInfo, DbConnectionPool pool, DbConnection owningConnection, DbConnectionOptions userOptions) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/SqlClient/SqlConnectionFactory.cs:line 136
   at System.Data.ProviderBase.DbConnectionFactory.CreateNonPooledConnection(DbConnection owningConnection, DbConnectionPoolGroup poolGroup, DbConnectionOptions userOptions) in /xplat/cfxfork/corefx/src/Common/src/System/Data/ProviderBase/DbConnectionFactory.cs:line 96
   at System.Data.ProviderBase.DbConnectionFactory.<>c__DisplayClass40_0.<TryGetConnection>b__1(Task`1 _) in /xplat/cfxfork/corefx/src/System.Data.SqlClient/src/System/Data/ProviderBase/DbConnectionFactory.cs:line 86
   at System.Threading.Tasks.ContinuationResultTaskFromResultTask`2.InnerInvoke()
   at System.Threading.ExecutionContext.RunInternal(ExecutionContext executionContext, ContextCallback callback, Object state)
--- End of stack trace from previous location where exception was thrown ---
   at System.Threading.Tasks.Task.ExecuteWithThreadLocal(Task& currentTaskSlot)
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.SqlTools.ServiceLayer.Connection.ReliableConnection.ReliableSqlConnection.<>c__DisplayClass28_0.<<OpenAsync>b__0>d.MoveNext() in D:\a\1\s\src\Microsoft.SqlTools.ServiceLayer\Connection\ReliableConnection\ReliableSqlConnection.cs:line 303
--- End of stack trace from previous location where exception was thrown ---
   at Microsoft.SqlTools.ServiceLayer.Connection.ConnectionService.TryOpenConnection(ConnectionInfo connectionInfo, ConnectParams connectionParams) in D:\a\1\s\src\Microsoft.SqlTools.ServiceLayer\Connection\ConnectionService.cs:line 521
ClientConnectionId:7f0a56f0-2a1c-4538-800a-0a58540ce907

[deckerbd]

I'm getting this exact same thing right now as well.

• Azure Data Studio 1.5.2
• OS: Mac OSX 10.14.4

I can connect using a SQL login, but cannot connect using Windows Authentication. I've confirmed I have a valid Kerberos ticket, and it's working to authenticate me in Safari across the domain, just not Azure Data Studio.

[webtasarim16]

are you connected now. can u help me step by step if u are connect to mssql server?

[cheenamalhotra]

This should be resolved with the latest insiders build as tested and verified.
Closing the issue as resolved.