Yonatan Shlain
Yonatan Shlain

Reputation: 1

Azure ADF copy-activity from Microsoft 365 to storage account fails

I’ve a continuous problem with my ADF pipeline - I’m trying to run a "copy-data" pipeline and encounter access and permission errors with my specific resources. My source is a Microsoft 365 Table connector (I’m retrieving some columns from my organization mails) My sink is a storage account. In my SA access control properties, I’ve given my app appropriate IAM role with the all the necessary permissions so it can access the storage account and write the data successfully. Now since I don’t want my storage to be public, I chose the public network access to be "Enabled from selected virtual networks and IP addresses".

What can be the problem? How do I solve this issue?

Upvotes: 0

Views: 352

Answers (1)

Bhavani
Bhavani

Reputation: 5317

To copy and transform data from Microsoft 365 (Office 365) into Azure, you need to complete the following prerequisite steps:

  • Your Microsoft 365 (Office 365) tenant admin must complete on-boarding actions as described here.
  • Create and configure a Microsoft Entra web application in Microsoft Entra ID. For instructions, see Create a Microsoft Entra application.
  • Make note of the following values, which you will use to define the linked service for Microsoft 365 (Office 365):
  • Add the user identity who will be making the data access request as the owner of the Microsoft Entra web application (from the Microsoft Entra web application > Settings > Owners > Add owner).
    • The user identity must be in the Microsoft 365 (Office 365) organization you are getting data from and must not be a Guest user.

You should use service principal authentication instead of system assigned authentication as shown below:

enter image description here

You should use service principal authentication for blob storage also Refer here for how to set up service principal authentication for Azure Blob Storage. In the New Linked Service window, enter "AzureStorageLinkedService" as name, select "Service Principal" from the dropdown list of authentication methods, fill in the Service Endpoint, Tenant, Service principal ID, and Service principal key, then select Save to deploy the linked service.

enter image description here

Then you will be able to copy from Microsoft 365 to blob storage successfully without any error. For more information you can refer below documents:

Upvotes: 0

Related Questions