Configuring a Masking Connector to Work with an AD Account (KBA1820)

Troubleshooting Masking Connector with an AD account 

When defining the user using the default AD account the connector fails.

The following fails: "<DomainName>\<UserName>".

An example of the error message is:

The issue here is that the construct for defining the Domain and User detail needs to be specified in separate fields in the JDBC (masking) driver. 

Solution: How to configure an AD Account 

To use an AD account follow these steps:

1. Ensure a regular local SQLserver user, eg. "delphixmasking" shows as SQLserver authentication under SSMS and successfully tests as Delphix connector.
    
2. On Windows SSMS: Check the AD account permissions:
   • Will need to add access to the specific DB desired.
   • The default MSSQL jtds JDBC connector string needs to add the domain=AD (use your DomainName) parameter.
      
3. On Masking Engine: Configure a Masking Connector using Advanced option.
   • Use the advanced connector to be able to pass this parameter; sample string looks like: 

jdbc:jtds:sqlserver://10-43-100-101.ad.delphix...CUIT;domain=AD

Warning:

Do not use Basic Connector and don't use the format: "<DomainName>\<UserName>".

Related Articles

Internal Links: 

• Delphix Masking 5.3.3: Managing Connectors

External Links:

• ServerFault: Why Does A/D Account Need SQL Server Login?
• ESHA Research: Granting Access To Additional Users With SQL Server Management Studio For Genesis Food And Food Processor