Skip to main content
Delphix

Configuring Authentication Models with SQL Server Advanced connector JDBC URL using Microsoft JDBC driver (KBA6498)

 

 

KBA

KBA# 6498

 

Issue

Delphix masking engine switched from providing the jTDS JDBC driver to Microsoft's official open-source JDBC driver starting with the 6.0.3.0 release. As a consequence there are changes in the JDBC URL when applied to the Advanced connector settings.  This applies to various authentication models for accessing the SQL Server when masking databases. This article will cover some of these aspects including parameters for Windows and Kerberos authentication when using advanced connection where the JDBC URL is involved. There is also guidance provided within some of the changes to the JDBC URL to prepare for the changes to make in the connector to avoid delays in masking jobs.

The previous URL connection string with the jTDS SQL Server driver was in this format:

jdbc:jtds:sqlserver://SQLServerHostname_as_FQDN:SQL_Server_Port_Number;instance=SQL_Server_Instance_Name;DatabaseName=VDB_Name;domain=CorpDomain.com

The upgrade does not make a change to the string.  Also, within support logs, Delphix Support cannot distinguish which connection string is used. This information is redacted. Hence, support may request the URL string from you.

The Microsoft JDBC Driver URL connection string is in this format:

jdbc:sqlserver://SQLServerHostname_as_FQDN\SQL_Server_Instance_Name:SQL_Server_Port_Number;DatabaseName=VDB_Name;<Additional Connection Properties>

Applicable Delphix Versions

Click here to view the versions of the Delphix engine to which this article applies
Major Release All Sub Releases
6.0 6.0.3.0, 6.0.3.1, 6.0.4.0

Windows Authentication

 

Windows authentication requires different parameters. Refer to the "Setting the connection properties" link for the specfic information regarding Windows authentication which requires the indicated parameters as demonstrated in the following URL connection string:

jdbc:sqlserver://SQLServerHostname_as_FQDN:SQL_Server_Port_Number;DatabaseName=VDB_Name;domain=CorpDomain.com;integratedSecurity=true;authenticationScheme=NTLM

The additional requirements are the integratedSecurity and authenticationScheme properties. Username and password are also passed on via the Connector configuration. 

 


Kerberos Authentication

Kerberos Authentication is a little more involved.

The JDBC connection URL is simple as the Kerberos configuration in the Advanced connector dialog provides fields for the key Kerberos aspects.

Kerberos_Advanced.png

In this regard the JDBC URL is set with one of these formats, depending on preference when using instance name or port:

jdbc:sqlserver://SQLServerHostname_as_FQDN\SQL_Server_Instance_Name;databaseName=devdb
jdbc:sqlserver://SQLServerHostname_as_FQDN:49899;databaseName=devdb

The Kerberos properties are set in the fields provided in the Advanced configuration. Refer to the Masking documentation for details on configuring for Kerberos: 

https://masking.delphix.com/docs/latest/kerberos-configuration.

 

 

 


Related Articles

The following articles may provide more information or related information to this article:

Connecting to SQL Server with JDBC Driver

Setting the connection properties: List properties, explanation and values/descriptions

Kerberos configuration