Configuring a Masking Connector to Work with an AD Account (KBA1820)
Troubleshooting Masking Connector with an AD account
When defining the user using the default AD account the connector fails.
The following fails: "<DomainName>\<UserName>".
An example of the error message is:
Login failed for user 'ACME\Joey_Blogs' |
The issue here is that the construct for defining the Domain and User detail needs to be specified in separate fields in the JDBC (masking) driver.
Solution: How to configure an AD Account
To use an AD account follow these steps:
- Ensure a regular local SQLserver user, eg. "delphixmasking" shows as SQLserver authentication under SSMS and successfully tests as Delphix connector.
- On Windows SSMS: Check the AD account permissions:
- Will need to add access to the specific DB desired.
- The default MSSQL jtds JDBC connector string needs to add the domain=AD (use your DomainName) parameter.
- On Masking Engine: Configure a Masking Connector using Advanced option.
- Use the advanced connector to be able to pass this parameter; sample string looks like:
jdbc:jtds:sqlserver://10-43-100-101.ad.delphix...CUIT;domain=AD
Related Articles
Internal Links:
- Delphix Masking 5.3.3: Managing Connectors
External Links:
- ServerFault: Why Does A/D Account Need SQL Server Login?
- ESHA Research: Granting Access To Additional Users With SQL Server Management Studio For Genesis Food And Food Processor