cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
Administration & Architecture
Explore discussions on Databricks administration, deployment strategies, and architectural best practices. Connect with administrators and architects to optimize your Databricks environment for performance, scalability, and security.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Unable to get CLI working on new laptop

Go to solution
SamGreene
Contributor II

yesterday

Hi,

I have two Windows 10 laptops.  The old one is working fine with Databricks CLI version 0.210.0.  I installed the CLI on a new laptop and copied my config file.  I can test connections to my default config which uses my PAT.  However, I have some configs for service principals that are used to create PATs for Power BI usage.  I can't get these to test successfully.  The new laptop is using 0.237.0.  I tried using 0.210.0 on the new laptop, but same issue.  If I try 0.237.0 on the old laptop, it has the same issue. I checked for environment variables on the old laptop but didn't see DATABRICKS_HOST or DATABRICKS_TOKEN.   

Here is the output, I've scrubbed the output and it all looks good.  As I mentioned, the config file came straight from a working computer and works so I think all the cloud components are set up correctly. 

C:\Users\me>databricks auth describe --profile MY_SERVICE_PRINCIPAL_PROFILE
Unable to authenticate: default auth: cannot configure default credentials, please check https://docs.databricks.com/en/dev-tools/auth.html#databricks-client-unified-authentication to configure credentials for your preferred authentication method. Config: host=https://MYADB.azuredatabricks.net, profile=MY_SERVICE_PRINCIPAL_PROFILE, azure_tenant_id=MY_TENANT
-----
Current configuration:
✓ host: https://MY_ADB.azuredatabricks.net (from C:\Users\user/.databrickscfg config file)
✓ profile: MY_SERVICE_PRINCIPAL_PROFILE (from --profile flag)
✓ azure_tenant_id: MY_TENANT

Any suggestions on how to troubleshoot this? 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
SamGreene
Contributor II

yesterday

Just found the issue, I should be using these in the profiles for the service principals for entra ID authentication.  Everything is now working!

azure_tenant_id
azure_client_id
azure_client_secret

View solution in original post

0 Kudos
7 REPLIES 7

Go to solution
Walter_C
Databricks Employee
Databricks Employee

yesterday

Just to confirm you have copy and paste the config file from your old compute to this new one? Have you tried recreating the profile again on the new laptop?

Go to solution
SamGreene
Contributor II
In response to Walter_C

yesterday

Yes, I copied the file through file explorer.  If I do ‘auth profiles’, all profiles are listed but most are invalid. 

0 Kudos

Go to solution
Walter_C
Databricks Employee
Databricks Employee

yesterday

Understood, if you recreate any of them manually does it moves to active?

Go to solution
SamGreene
Contributor II
In response to Walter_C

yesterday - last edited yesterday

It has the same behavior.  Here is what the new config looks like:  

[DEFAULT]
host = https://MY_ADB.azuredatabricks.net
token = dapixxxxxxxxxxxxxxxxxxxxxxxx

[MY_SERVICE_PRINCIPAL_PROFILE]
host = https://MY_ADB.azuredatabricks.net
databricks_client_id = 12******-*****-********-******
databricks_client_secret = QW***********************************

One interesting thing I just found.  On the old computer, I mentioned that the new CLI doesn't work.  I downloaded old versions of the cli and unzipped to multiple directories and then switched to each directory before running 'auth profiles' to see when that stops working.  

Last working version. 0.212.2

Broken version: 0.212.3

Releases are on this page: 

Releases · databricks/cli

The release that 'breaks' by functionality on the old workstation has this note: Release Windows packages to winget-pkgs. 

Enabling log file with warn/error is providing just a little more info: time=2025-01-08T13:49:49.138-07:00 level=ERROR source="root.go 114}" msg="failed execution" pid=32972 exit_code=1 error="default auth: cannot configure default credentials, please check https://docs.databricks.com/en/dev-tools/auth.html#databricks-client-unified-authentication to configure credentials for your preferred authentication method. 

0 Kudos

Go to solution
SamGreene
Contributor II

yesterday

Continuing to dig into this, I think I also misconfigured something wrong on my first computer and the PATs were not created under the correct identity.  I had entries in my config similar to the below and would execute commands with the first SP profile and the second SP profile to create PATs, however, all the PATs are associated with my user account. I've done something wrong with the setup here.  On my original computer, I can change the databricks_client_id and secret to something incorrect and the credentials are being pulled from elsewhere (default?)

[DEFAULT]
host = https://MY_ADB.azuredatabricks.net
token = dapixxxxxxxxxxxxxxxxxxxxxxxx

[MY_SERVICE_PRINCIPAL_PROFILE]
host = https://MY_ADB.azuredatabricks.net
databricks_client_id = 12******-*****-********-******
databricks_client_secret = QW***********************************

 

[MY_SERVICE_PRINCIPAL_PROFILE_2]
host = https://MY_ADB.azuredatabricks.net
databricks_client_id = 34******-*****-********-******
databricks_client_secret = AB***********************************

0 Kudos

Go to solution
SamGreene
Contributor II

yesterday

Just found the issue, I should be using these in the profiles for the service principals for entra ID authentication.  Everything is now working!

azure_tenant_id
azure_client_id
azure_client_secret

0 Kudos

Go to solution
Walter_C
Databricks Employee
Databricks Employee

yesterday

Great to hear issue got resolved, let us know in case any other assistance is required.

0 Kudos

Connect with Databricks Users in Your Area

Join a Regional User Group to connect with local Databricks users. Events will be happening in your city, and you won’t want to miss the chance to attend and share knowledge.

If there isn’t a group near you, start one and help create a community that brings people together.

Request a New Group
Announcements