dotnet
diff --git a/‎doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml‎
Lines changed: 4 additions & 0 deletions b/‎doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/ref/Microsoft.Data.SqlClient.cs‎
Lines changed: 2 additions & 0 deletions b/‎src/Microsoft.Data.SqlClient/netcore/ref/Microsoft.Data.SqlClient.cs‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/Common/DbConnectionStringCommon.cs‎
Lines changed: 49 additions & 4 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/Common/DbConnectionStringCommon.cs‎
Lines changed: 49 additions & 4 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.NetCoreApp.cs‎
Lines changed: 2 additions & 0 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.NetCoreApp.cs‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs‎
Lines changed: 2 additions & 0 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlAuthenticationProviderManager.cs‎
Lines changed: 2 additions & 0 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnection.cs‎
Lines changed: 25 additions & 8 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnection.cs‎
Lines changed: 25 additions & 8 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnectionString.cs‎
Lines changed: 7 additions & 2 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlConnectionString.cs‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs‎
Lines changed: 3 additions & 0 deletions b/‎src/Microsoft.Data.SqlClient/netcore/src/Microsoft/Data/SqlClient/SqlInternalConnectionTds.cs‎
Lines changed: 3 additions & 0 deletions
@@ -41,5 +41,9 @@
           <summary>Alias for "Active Directory Managed Identity" authentication method. Use System Assigned or User Assigned Managed Identity to connect to SQL Database from Azure client environments that have enabled support for Managed Identity. For User Assigned Managed Identity, 'User Id' or 'UID' is required to be set to the "client ID" of the user identity.</summary>
           <value>8</value>
         </ActiveDirectoryMSI>
+      <ActiveDirectoryDefault>
+          <summary>The authentication method uses Active Directory Default. Use this mode to connect to a SQL Database using multiple non-interactive authentication methods tried sequentially to acquire an access token. This method does not fallback to the "Active Directory Interactive" authentication method.</summary>
+          <value>9</value>
+      </ActiveDirectoryDefault>
     </members>
 </docs>
@@ -99,6 +99,8 @@ public enum SqlAuthenticationMethod
         ActiveDirectoryManagedIdentity = 7,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryMSI/*'/>
         ActiveDirectoryMSI = 8,
+        /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/ActiveDirectoryDefault/*'/>
+        ActiveDirectoryDefault = 9,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/NotSpecified/*'/>
         NotSpecified = 0,
         /// <include file='../../../../doc/snippets/Microsoft.Data.SqlClient/SqlAuthenticationMethod.xml' path='docs/members[@name="SqlAuthenticationMethod"]/SqlPassword/*'/>
 
@@ -99,6 +99,7 @@ internal static string ConvertToString(object value)
 
         private const string ApplicationIntentReadWriteString = "ReadWrite";
         private const string ApplicationIntentReadOnlyString = "ReadOnly";
+
         const string SqlPasswordString = "Sql Password";
         const string ActiveDirectoryPasswordString = "Active Directory Password";
         const string ActiveDirectoryIntegratedString = "Active Directory Integrated";
@@ -107,13 +108,48 @@ internal static string ConvertToString(object value)
         const string ActiveDirectoryDeviceCodeFlowString = "Active Directory Device Code Flow";
         internal const string ActiveDirectoryManagedIdentityString = "Active Directory Managed Identity";
         internal const string ActiveDirectoryMSIString = "Active Directory MSI";
+        internal const string ActiveDirectoryDefaultString = "Active Directory Default";
 
-        internal static bool TryConvertToAuthenticationType(string value, out SqlAuthenticationMethod result)
+#if DEBUG
+        private static string[] s_supportedAuthenticationModes =
+        {
+            "NotSpecified",
+            "SqlPassword",
+            "ActiveDirectoryPassword",
+            "ActiveDirectoryIntegrated",
+            "ActiveDirectoryInteractive",
+            "ActiveDirectoryServicePrincipal",
+            "ActiveDirectoryDeviceCodeFlow",
+            "ActiveDirectoryManagedIdentity",
+            "ActiveDirectoryMSI",
+            "ActiveDirectoryDefault"
+        };
+
+        private static bool IsValidAuthenticationMethodEnum()
         {
-            Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 9, "SqlAuthenticationMethod enum has changed, update needed");
+            string[] names = Enum.GetNames(typeof(SqlAuthenticationMethod));
+            int l = s_supportedAuthenticationModes.Length;
+            bool listValid;
+            if (listValid = names.Length == l)
+            {
+                for (int i = 0; i < l; i++)
+                {
+                    if (s_supportedAuthenticationModes[i].CompareTo(names[i]) != 0)
+                    {
+                        listValid = false;
+                    }
+                }
+            }
+            return listValid;
+        }
+#endif
 
+        internal static bool TryConvertToAuthenticationType(string value, out SqlAuthenticationMethod result)
+        {
+#if DEBUG
+            Debug.Assert(IsValidAuthenticationMethodEnum(), "SqlAuthenticationMethod enum has changed, update needed");
+#endif
             bool isSuccess = false;
-
             if (StringComparer.InvariantCultureIgnoreCase.Equals(value, SqlPasswordString)
                 || StringComparer.InvariantCultureIgnoreCase.Equals(value, Convert.ToString(SqlAuthenticationMethod.SqlPassword, CultureInfo.InvariantCulture)))
             {
@@ -162,6 +198,12 @@ internal static bool TryConvertToAuthenticationType(string value, out SqlAuthent
                 result = SqlAuthenticationMethod.ActiveDirectoryMSI;
                 isSuccess = true;
             }
+            else if (StringComparer.InvariantCultureIgnoreCase.Equals(value, ActiveDirectoryDefaultString)
+                || StringComparer.InvariantCultureIgnoreCase.Equals(value, Convert.ToString(SqlAuthenticationMethod.ActiveDirectoryDefault, CultureInfo.InvariantCulture)))
+            {
+                result = SqlAuthenticationMethod.ActiveDirectoryDefault;
+                isSuccess = true;
+            }
             else
             {
                 result = DbConnectionStringDefaults.Authentication;
@@ -606,7 +648,7 @@ internal static ApplicationIntent ConvertToApplicationIntent(string keyword, obj
 
         internal static bool IsValidAuthenticationTypeValue(SqlAuthenticationMethod value)
         {
-            Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 9, "SqlAuthenticationMethod enum has changed, update needed");
+            Debug.Assert(Enum.GetNames(typeof(SqlAuthenticationMethod)).Length == 10, "SqlAuthenticationMethod enum has changed, update needed");
             return value == SqlAuthenticationMethod.SqlPassword
                 || value == SqlAuthenticationMethod.ActiveDirectoryPassword
                 || value == SqlAuthenticationMethod.ActiveDirectoryIntegrated
@@ -615,6 +657,7 @@ internal static bool IsValidAuthenticationTypeValue(SqlAuthenticationMethod valu
                 || value == SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow
                 || value == SqlAuthenticationMethod.ActiveDirectoryManagedIdentity
                 || value == SqlAuthenticationMethod.ActiveDirectoryMSI
+                || value == SqlAuthenticationMethod.ActiveDirectoryDefault
                 || value == SqlAuthenticationMethod.NotSpecified;
         }
 
@@ -640,6 +683,8 @@ internal static string AuthenticationTypeToString(SqlAuthenticationMethod value)
                     return ActiveDirectoryManagedIdentityString;
                 case SqlAuthenticationMethod.ActiveDirectoryMSI:
                     return ActiveDirectoryMSIString;
+                case SqlAuthenticationMethod.ActiveDirectoryDefault:
+                    return ActiveDirectoryDefaultString;
                 default:
                     return null;
             }
 
@@ -152,6 +152,8 @@ private static SqlAuthenticationMethod AuthenticationEnumFromString(string authe
                     return SqlAuthenticationMethod.ActiveDirectoryManagedIdentity;
                 case ActiveDirectoryMSI:
                     return SqlAuthenticationMethod.ActiveDirectoryMSI;
+                case ActiveDirectoryDefault:
+                    return SqlAuthenticationMethod.ActiveDirectoryDefault;
                 default:
                     throw SQL.UnsupportedAuthentication(authentication);
             }
 
@@ -21,6 +21,7 @@ internal partial class SqlAuthenticationProviderManager
         private const string ActiveDirectoryDeviceCodeFlow = "active directory device code flow";
         private const string ActiveDirectoryManagedIdentity = "active directory managed identity";
         private const string ActiveDirectoryMSI = "active directory msi";
+        private const string ActiveDirectoryDefault = "active directory default";
 
         private readonly string _typeName;
         private readonly IReadOnlyCollection<SqlAuthenticationMethod> _authenticationsWithAppSpecifiedProvider;
@@ -46,6 +47,7 @@ private static void SetDefaultAuthProviders(SqlAuthenticationProviderManager ins
                 instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow, activeDirectoryAuthProvider);
                 instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryManagedIdentity, activeDirectoryAuthProvider);
                 instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryMSI, activeDirectoryAuthProvider);
+                instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDefault, activeDirectoryAuthProvider);
             }
         }
         /// <summary>
 
@@ -193,11 +193,15 @@ public SqlConnection(string connectionString, SqlCredential credential) : this()
                 }
                 else if (UsesActiveDirectoryManagedIdentity(connectionOptions))
                 {
-                    throw SQL.SettingCredentialWithManagedIdentityArgument(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
+                    throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
                 }
                 else if (UsesActiveDirectoryMSI(connectionOptions))
                 {
-                    throw SQL.SettingCredentialWithManagedIdentityArgument(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                    throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                }
+                else if (UsesActiveDirectoryDefault(connectionOptions))
+                {
+                    throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);
                 }
 
                 Credential = credential;
@@ -508,6 +512,11 @@ private bool UsesActiveDirectoryMSI(SqlConnectionString opt)
             return opt != null && opt.Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI;
         }
 
+        private bool UsesActiveDirectoryDefault(SqlConnectionString opt)
+        {
+            return opt != null && opt.Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault;
+        }
+
         private bool UsesAuthentication(SqlConnectionString opt)
         {
             return opt != null && opt.Authentication != SqlAuthenticationMethod.NotSpecified;
@@ -565,7 +574,7 @@ public override string ConnectionString
                     if (_credential != null)
                     {
                         // Check for Credential being used with Authentication=ActiveDirectoryIntegrated | ActiveDirectoryInteractive |
-                        //  ActiveDirectoryDeviceCodeFlow | ActiveDirectoryManagedIdentity/ActiveDirectoryMSI. Since a different error string is used
+                        //  ActiveDirectoryDeviceCodeFlow | ActiveDirectoryManagedIdentity/ActiveDirectoryMSI | ActiveDirectoryDefault. Since a different error string is used
                         // for this case in ConnectionString setter vs in Credential setter, check for this error case before calling
                         // CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential, which is common to both setters.
                         if (UsesActiveDirectoryIntegrated(connectionOptions))
@@ -582,11 +591,15 @@ public override string ConnectionString
                         }
                         else if (UsesActiveDirectoryManagedIdentity(connectionOptions))
                         {
-                            throw SQL.SettingManagedIdentityWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
+                            throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
                         }
                         else if (UsesActiveDirectoryMSI(connectionOptions))
                         {
-                            throw SQL.SettingManagedIdentityWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                            throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                        }
+                        else if (UsesActiveDirectoryDefault(connectionOptions))
+                        {
+                            throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);
                         }
 
                         CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential(connectionOptions);
@@ -878,7 +891,7 @@ public SqlCredential Credential
                 {
                     var connectionOptions = (SqlConnectionString)ConnectionOptions;
                     // Check for Credential being used with Authentication=ActiveDirectoryIntegrated | ActiveDirectoryInteractive |
-                    // ActiveDirectoryDeviceCodeFlow | ActiveDirectoryManagedIdentity/ActiveDirectoryMSI. Since a different error string is used
+                    // ActiveDirectoryDeviceCodeFlow | ActiveDirectoryManagedIdentity/ActiveDirectoryMSI | ActiveDirectoryDefault. Since a different error string is used
                     // for this case in ConnectionString setter vs in Credential setter, check for this error case before calling
                     // CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential, which is common to both setters.
                     if (UsesActiveDirectoryIntegrated(connectionOptions))
@@ -895,11 +908,15 @@ public SqlCredential Credential
                     }
                     else if (UsesActiveDirectoryManagedIdentity(connectionOptions))
                     {
-                        throw SQL.SettingCredentialWithManagedIdentityInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
+                        throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
                     }
                     else if (UsesActiveDirectoryMSI(connectionOptions))
                     {
-                        throw SQL.SettingCredentialWithManagedIdentityInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                        throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                    }
+                    else if (UsesActiveDirectoryDefault(connectionOptions))
+                    {
+                        throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);
                     }
 
                     CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential(connectionOptions);
 
@@ -484,12 +484,17 @@ internal SqlConnectionString(string connectionString) : base(connectionString, G
 
             if (Authentication == SqlAuthenticationMethod.ActiveDirectoryManagedIdentity && HasPasswordKeyword)
             {
-                throw SQL.ManagedIdentityWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
+                throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);
             }
 
             if (Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI && HasPasswordKeyword)
             {
-                throw SQL.ManagedIdentityWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+                throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);
+            }
+
+            if (Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault && HasPasswordKeyword)
+            {
+                throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);
             }
         }
 
 
@@ -1308,6 +1308,7 @@ private void Login(ServerInfo server, TimeoutTimer timeout, string newPassword,
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryServicePrincipal
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryManagedIdentity
                 || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI
+                || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault
                 // Since AD Integrated may be acting like Windows integrated, additionally check _fedAuthRequired
                 || (ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryIntegrated && _fedAuthRequired))
             {
@@ -2116,6 +2117,7 @@ internal void OnFedAuthInfo(SqlFedAuthInfo fedAuthInfo)
                          || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow
                          || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryManagedIdentity
                          || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI
+                         || ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault
                          || (ConnectionOptions.Authentication == SqlAuthenticationMethod.ActiveDirectoryIntegrated && _fedAuthRequired),
                          "Credentials aren't provided for calling MSAL");
             Debug.Assert(fedAuthInfo != null, "info should not be null.");
@@ -2358,6 +2360,7 @@ internal SqlFedAuthToken GetFedAuthToken(SqlFedAuthInfo fedAuthInfo)
                         case SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow:
                         case SqlAuthenticationMethod.ActiveDirectoryManagedIdentity:
                         case SqlAuthenticationMethod.ActiveDirectoryMSI:
+                        case SqlAuthenticationMethod.ActiveDirectoryDefault:
                             if (_activeDirectoryAuthTimeoutRetryHelper.State == ActiveDirectoryAuthenticationTimeoutRetryState.Retrying)
                             {
                                 _fedAuthToken = _activeDirectoryAuthTimeoutRetryHelper.CachedToken;
Original file line number	Diff line number	Diff line change
`@@ -152,6 +152,8 @@ private static SqlAuthenticationMethod AuthenticationEnumFromString(string authe`
`152`	`152`	`return SqlAuthenticationMethod.ActiveDirectoryManagedIdentity;`
`153`	`153`	`case ActiveDirectoryMSI:`
`154`	`154`	`return SqlAuthenticationMethod.ActiveDirectoryMSI;`
	`155`	`+ case ActiveDirectoryDefault:`
	`156`	`+ return SqlAuthenticationMethod.ActiveDirectoryDefault;`
`155`	`157`	`default:`
`156`	`158`	`throw SQL.UnsupportedAuthentication(authentication);`
`157`	`159`	`}`
Original file line number	Diff line number	Diff line change
`@@ -21,6 +21,7 @@ internal partial class SqlAuthenticationProviderManager`
`21`	`21`	`private const string ActiveDirectoryDeviceCodeFlow = "active directory device code flow";`
`22`	`22`	`private const string ActiveDirectoryManagedIdentity = "active directory managed identity";`
`23`	`23`	`private const string ActiveDirectoryMSI = "active directory msi";`
	`24`	`+ private const string ActiveDirectoryDefault = "active directory default";`
`24`	`25`
`25`	`26`	`private readonly string _typeName;`
`26`	`27`	`private readonly IReadOnlyCollection<SqlAuthenticationMethod> _authenticationsWithAppSpecifiedProvider;`
`@@ -46,6 +47,7 @@ private static void SetDefaultAuthProviders(SqlAuthenticationProviderManager ins`
`46`	`47`	`instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDeviceCodeFlow, activeDirectoryAuthProvider);`
`47`	`48`	`instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryManagedIdentity, activeDirectoryAuthProvider);`
`48`	`49`	`instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryMSI, activeDirectoryAuthProvider);`
	`50`	`+ instance.SetProvider(SqlAuthenticationMethod.ActiveDirectoryDefault, activeDirectoryAuthProvider);`
`49`	`51`	`}`
`50`	`52`	`}`
`51`	`53`	`/// <summary>`
Original file line number	Diff line number	Diff line change
`@@ -193,11 +193,15 @@ public SqlConnection(string connectionString, SqlCredential credential) : this()`
`193`	`193`	`}`
`194`	`194`	`else if (UsesActiveDirectoryManagedIdentity(connectionOptions))`
`195`	`195`	`{`
`196`		`- throw SQL.SettingCredentialWithManagedIdentityArgument(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
	`196`	`+ throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
`197`	`197`	`}`
`198`	`198`	`else if (UsesActiveDirectoryMSI(connectionOptions))`
`199`	`199`	`{`
`200`		`- throw SQL.SettingCredentialWithManagedIdentityArgument(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`200`	`+ throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`201`	`+ }`
	`202`	`+ else if (UsesActiveDirectoryDefault(connectionOptions))`
	`203`	`+ {`
	`204`	`+ throw SQL.SettingCredentialWithNonInteractiveArgument(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);`
`201`	`205`	`}`
`202`	`206`
`203`	`207`	`Credential = credential;`
`@@ -508,6 +512,11 @@ private bool UsesActiveDirectoryMSI(SqlConnectionString opt)`
`508`	`512`	`return opt != null && opt.Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI;`
`509`	`513`	`}`
`510`	`514`
	`515`	`+ private bool UsesActiveDirectoryDefault(SqlConnectionString opt)`
	`516`	`+ {`
	`517`	`+ return opt != null && opt.Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault;`
	`518`	`+ }`
	`519`	`+`
`511`	`520`	`private bool UsesAuthentication(SqlConnectionString opt)`
`512`	`521`	`{`
`513`	`522`	`return opt != null && opt.Authentication != SqlAuthenticationMethod.NotSpecified;`
`@@ -565,7 +574,7 @@ public override string ConnectionString`
`565`	`574`	`if (_credential != null)`
`566`	`575`	`{`
`567`	`576`	`// Check for Credential being used with Authentication=ActiveDirectoryIntegrated \| ActiveDirectoryInteractive \|`
`568`		`- // ActiveDirectoryDeviceCodeFlow \| ActiveDirectoryManagedIdentity/ActiveDirectoryMSI. Since a different error string is used`
	`577`	`+ // ActiveDirectoryDeviceCodeFlow \| ActiveDirectoryManagedIdentity/ActiveDirectoryMSI \| ActiveDirectoryDefault. Since a different error string is used`
`569`	`578`	`// for this case in ConnectionString setter vs in Credential setter, check for this error case before calling`
`570`	`579`	`// CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential, which is common to both setters.`
`571`	`580`	`if (UsesActiveDirectoryIntegrated(connectionOptions))`
`@@ -582,11 +591,15 @@ public override string ConnectionString`
`582`	`591`	`}`
`583`	`592`	`else if (UsesActiveDirectoryManagedIdentity(connectionOptions))`
`584`	`593`	`{`
`585`		`- throw SQL.SettingManagedIdentityWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
	`594`	`+ throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
`586`	`595`	`}`
`587`	`596`	`else if (UsesActiveDirectoryMSI(connectionOptions))`
`588`	`597`	`{`
`589`		`- throw SQL.SettingManagedIdentityWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`598`	`+ throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`599`	`+ }`
	`600`	`+ else if (UsesActiveDirectoryDefault(connectionOptions))`
	`601`	`+ {`
	`602`	`+ throw SQL.SettingNonInteractiveWithCredential(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);`
`590`	`603`	`}`
`591`	`604`
`592`	`605`	`CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential(connectionOptions);`
`@@ -878,7 +891,7 @@ public SqlCredential Credential`
`878`	`891`	`{`
`879`	`892`	`var connectionOptions = (SqlConnectionString)ConnectionOptions;`
`880`	`893`	`// Check for Credential being used with Authentication=ActiveDirectoryIntegrated \| ActiveDirectoryInteractive \|`
`881`		`- // ActiveDirectoryDeviceCodeFlow \| ActiveDirectoryManagedIdentity/ActiveDirectoryMSI. Since a different error string is used`
	`894`	`+ // ActiveDirectoryDeviceCodeFlow \| ActiveDirectoryManagedIdentity/ActiveDirectoryMSI \| ActiveDirectoryDefault. Since a different error string is used`
`882`	`895`	`// for this case in ConnectionString setter vs in Credential setter, check for this error case before calling`
`883`	`896`	`// CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential, which is common to both setters.`
`884`	`897`	`if (UsesActiveDirectoryIntegrated(connectionOptions))`
`@@ -895,11 +908,15 @@ public SqlCredential Credential`
`895`	`908`	`}`
`896`	`909`	`else if (UsesActiveDirectoryManagedIdentity(connectionOptions))`
`897`	`910`	`{`
`898`		`- throw SQL.SettingCredentialWithManagedIdentityInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
	`911`	`+ throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
`899`	`912`	`}`
`900`	`913`	`else if (UsesActiveDirectoryMSI(connectionOptions))`
`901`	`914`	`{`
`902`		`- throw SQL.SettingCredentialWithManagedIdentityInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`915`	`+ throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`916`	`+ }`
	`917`	`+ else if (UsesActiveDirectoryDefault(connectionOptions))`
	`918`	`+ {`
	`919`	`+ throw SQL.SettingCredentialWithNonInteractiveInvalid(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);`
`903`	`920`	`}`
`904`	`921`
`905`	`922`	`CheckAndThrowOnInvalidCombinationOfConnectionStringAndSqlCredential(connectionOptions);`
Original file line number	Diff line number	Diff line change
`@@ -484,12 +484,17 @@ internal SqlConnectionString(string connectionString) : base(connectionString, G`
`484`	`484`
`485`	`485`	`if (Authentication == SqlAuthenticationMethod.ActiveDirectoryManagedIdentity && HasPasswordKeyword)`
`486`	`486`	`{`
`487`		`- throw SQL.ManagedIdentityWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
	`487`	`+ throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryManagedIdentityString);`
`488`	`488`	`}`
`489`	`489`
`490`	`490`	`if (Authentication == SqlAuthenticationMethod.ActiveDirectoryMSI && HasPasswordKeyword)`
`491`	`491`	`{`
`492`		`- throw SQL.ManagedIdentityWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`492`	`+ throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryMSIString);`
	`493`	`+ }`
	`494`	`+`
	`495`	`+ if (Authentication == SqlAuthenticationMethod.ActiveDirectoryDefault && HasPasswordKeyword)`
	`496`	`+ {`
	`497`	`+ throw SQL.NonInteractiveWithPassword(DbConnectionStringBuilderUtil.ActiveDirectoryDefaultString);`
`493`	`498`	`}`
`494`	`499`	`}`
`495`	`500`