Troubleshooting Masking Connector with an AD account
When defining the user using the default AD account the connector fails.
The following fails: "<DomainName>\<UserName>".
An example of the error message is:
|Login failed for user 'ACME\Joey_Blogs'|
The issue here is that the construct for defining the Domain and User detail needs to be specified in separate fields in the JDBC (masking) driver.
Solution: How to configure an AD Account
To use an AD account follow these steps:
- Ensure a regular local SQLserver user, eg. "delphixmasking" shows as SQLserver authentication under SSMS and successfully tests as Delphix connector.
- On Windows SSMS: Check the AD account permissions:
- Will need to add access to the specific DB desired.
- The default MSSQL jtds JDBC connector string needs to add the domain=AD (use your DomainName) parameter.
- On Masking Engine: Configure a Masking Connector using Advanced option.
- Use the advanced connector to be able to pass this parameter; sample string looks like:
- Delphix Masking 5.3.3: Managing Connectors
- ServerFault: Why Does A/D Account Need SQL Server Login?
- ESHA Research: Granting Access To Additional Users With SQL Server Management Studio For Genesis Food And Food Processor