Has anyone managed to get windows integrated security login to a SQL server instance running on my domain?
Ideally I'd like to use an AD service account for connection but I don't see anyway of passing this from a docker container since we don't have krb5 available within the container.
I think you’d need your own customized image with the required dependencies/packages, and then to wade through the nightmare article linked in this post to try and get it working.
So this is a lot less complicated than first thought
Set up your SQL server with the correct SPNs and constrained delegation as you would do for any form of kerberos connection
The MS SQL jdbc driver can connect directly without needing any kerberos setup on the linux host or container
Username should be entered as username@REALM
The Extra Connection properties should include "integratedSecurity=true;authenticationScheme=JavaKerberos"
On a linux/container env, the username must include the realm, on windows its optional
On a windows env, the ignition service needs to be started with the same username that you use to connect to SQL, on linux the default installation can be used.
4 Likes
Hi Declan, so the sql connection string will include both the username and integratedSecurity?
on windows we have had success with integrated security and adding the dll. trying this on linux for the first time but adding the JavaKerberos doesnt seem to be doing the trick. was there anything else special that you did?