SQL Server Global Access Tokens
Answered
I seem to have only two connectivity options when creating a global access token for SQL Server.
I can use a SQL Server account:
Or I can give database access to the AgilePoint service account and I can use that by selecting "Integrated Security":
But it seems that I cannot use a domain account in my SQL Server token. I have blurred my User Name entry below, but its in the form DOMAIN\AccountName:
Has anyone else out there found a way to use a domain account in their SQL Server global access tokens?
thanks!
-
Hi Sylvia,
When creating an access token, the option provided by the access token to configure it is mandated by the third party to connect with, in your case this would be SQL Sever.
So, the options to configure the Access Token for SQL Server are based on the supported "connection string" format for SQL Server.
When passing user name and password as part of the connection string, this would be SQL user and not a domain user, so, when you uncheck the "SSPI (Integrated Security)" and provide values in the "User Name" and "Password" fields - this must be SQL user credentials.
Unfortunately, there is no way (unless implementing impersonation mechanisms) to pass domain user as part of a connection sting to SQL Server other than using the SSPI option (Integrated Security), which will use the AgilePoint Service Instance Account.
NOTE - SSPI option only works if the domain account is the one opening the connection. This will be true whenever AgilePoint Server instance account is a domain user (applicable in most env where AgilePoint integrates with Active Directory).
BTW - Have a look at connectionstrings.com for every possible variation - a great resource for all connection string usages and options.
Hope this clear out and help.
Thanks,
Yaniv.
Please sign in to leave a comment.
Comments
2 comments