Error in function execution: ('HYT00', '[HYT00] [Microsoft][ODBC Driver 18 for SQL Server]Login timeout expired (0) (SQLDriverConnect)')

Hello @Philippe Vlaemminck

Based on the error message you provided, it seems like there might be a problem with the login credentials for your SQL Server. To troubleshoot this issue, I would recommend checking the following:

1. Make sure that the SQL Server firewall is configured to allow traffic from the IP address of your Azure Function. You can do this by going to the Azure portal, navigating to your SQL Server, and clicking on "Firewalls and virtual networks". From there, you can add a new firewall rule to allow traffic from your Azure Function's IP address.
2. Double-check that the connection string for your Azure Function is correct. You can find the connection string in the Azure portal, under "Configuration" for your Function App. Make sure that the connection string includes the correct server name, database name, and login credentials.
3. Check that the SQL Server is running and accessible from your machine. You can use Azure Data Studio or another tool to test the connection to your SQL Server.

That should get you started.

Hi @Philippe Vlaemminck Greetings! Welcome to Microsoft Q&A forum. Thank you for posting this question here.

There are few additional checks you can validate to make sure the System Managed Identity can access the Azure SQL Server.

1. Enable Microsoft Entra authentication to SQL Database by assigning a Microsoft Entra user as the admin of the server. Please note that this user is different from the Microsoft account you used to sign up for your Azure subscription. It must be a user that you created, imported, synced, or invited into Microsoft Entra ID. You can get the details of the Object ID for the System Managed identity created by running the following Azure CLI command

      azureaduser=$(az ad user list --filter "userPrincipalName eq '<user-principal-name>'" --query [].id --output tsv)
   

   Add this Microsoft Entra user as an Active Directory admin using az sql server ad-admin create command in the Cloud Shell.

      az sql server ad-admin create --resource-group myResourceGroup --server-name <server-name> --display-name ADMIN --object-id $azureaduser
   

2. Once you create the User into the Database, you would need to provide db_datareader or db_datawriter access to the identity. Please refer the following commands that needs to be executed by logging in through Entra Admin role to the SQL server

      CREATE USER [<identity-name>] FROM EXTERNAL PROVIDER;
      ALTER ROLE db_datareader ADD MEMBER [<identity-name>];
      ALTER ROLE db_datawriter ADD MEMBER [<identity-name>];
      GO
   

3. Configure the Azure Function SQL connection string to use Microsoft Entra managed identity authentication. In the application settings of our Function App the SQL connection string setting should be updated to follow this format:

      Server=demo.database.windows.net; Authentication=Active Directory Managed Identity; Database=testdb
   

Refer the article Tutorial: Connect a function app to Azure SQL with managed identity and SQL bindings that provides more details on the above configurations. Please let us know if you still encounter the same issue after validating the above steps.

If the response helped, please do click Accept Answer and Yes for the answer provided. Doing so would help other community members with similar issue identify the solution. I highly appreciate your contribution to the community.