Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ PI Server Installation and Configuration (PI Server 2024 R2)

TABLE OF CONTENTS

Pre-install tasks for Microsoft Azure

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedSep 15, 2025
  • 2 minute read

The following pre-installation tasks must be completed for Microsoft Azure SQL Database or Microsoft Azure Managed Instance before installation:

  • Decide which type of Microsoft Entra ID managed identity -- user-assigned or system-assigned -- will be used for authentication with Azure SQL Database or Azure Managed Instance.

  • Select and configure the appropriate user roles and permissions prior to installation.

  • Assign the db_AFServer database role to the user account that runs the PI AF Application Service at installation.

  • Grant the correct permissions to the PI AF application service and the PI AF database:

    • PI AF application service: Grant least privileges to the account assigned to an Azure managed identity or service principal.

    • PI AF database: Grant highest privileges to the account used to create and configure the PI AF database.

Microsoft Entra ID managed identities

You can use Microsoft Entra ID managed identities for authentication with Azure SQL Database or Azure Managed Instance during an AF Server installation.

Managed identities provide automatic identity management in Microsoft Entra ID for Azure resources. Managed identities are created in Azure, assigned to an Azure resource, and then given access to a target service. See Managed identities in Microsoft Entra for Azure SQL Database for more information.

User-assigned and system-assigned managed identities

You can use either user-assigned or system-assigned managed identities for authentication with Azure SQL Database or Azure Managed Instance:

  • System-assigned identities: Automatically created and assigned to an Azure resource during provisioning.

  • User-assigned identities: Created by the user and may be assigned to more than one Azure resource during provisioning.

These two types of managed identities differ in how they are used and their lifecycle. See Managed identity types for more information.

If running SQL Scripts as part of the AF Server installation with the PI Server install kit, the machine must be assigned to an Azure system-assigned or user-assigned managed identity.

Note: To use another Microsoft Entra ID-supported authentication method, edit and then run the Go.bat batch file See Set the authentication method in GO.bat for Microsoft Azure.

TitleResults for “How to create a CRG?”Also Available in