Support for Kerberos authentication for Linked Servers
When creating a linked server on a managed instance, the option for login to "Be made using the login's current security context" does not function due to the lack of Kerberos authentication.
This authentication method is used frequently to allow multiple applications or processes to make use of the same linked server while still restricting the access to the remote server to specific databases on the remote server. For instance, UserA might have access to database A and B through the linked server but UserB only has access to database B.
Without this support, processes or applications that require SQL permissions to restrict access cannot function and will require significant development efforts to change. This greatly reduces the number of SQL systems that we can migrate to MI and must keep on VM hosting.