All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Splunk DB Connect 2: Is it possible to use multiple Windows Authentication accounts to connect with multiple MS SQL databases?

jialiang123
New Member
‎12-09-2015 07:46 PM

Hi,

I have a use case in using multiple Windows accounts to log in into multiple MS SQL databases using Windows Authentication.

According to the documentation, I will have to configure the splunk service to run as the windows account. However, that will limit me to run as only a single account.

I need to account multiple MS SQL databases with each one using a different Windows authentication account.

Is this possible? I am still stuck with the DB connect 1 for this reason alone.
Please advise.

Thank you.

0 Karma
Reply

jcoates_splunk
Splunk Employee
Splunk Employee
‎12-14-2015 05:06 PM

Hi, just to clarify: Windows integrated authentication is one thing, and using a Windows account to access a database is another. Connecting with Active Directory credentials (DOMAIN -backslash- USER) works on Linux or Windows. It does require careful handling of the domain field and JDBC URL: we’ve improved the out of the box templates for this in version 2.1.0: http://docs.splunk.com/Documentation/DBX/2.1.0/DeployDBX/Createandmanagedatabaseconnections and http://docs.splunk.com/Documentation/DBX/2.1.0/DeployDBX/Troubleshooting#Cannot_connect_to_Microsoft...

Integrated authentication requires the Microsoft generic driver, which uses OS libraries — you must use a Windows forwarder for this to work, and multiple forwarders on Windows is not supported (http://blogs.splunk.com/2014/04/07/running-two-universal-forwarders-on-windows/ for more info). There is a non-accepted patch to jTDS for this, but it is not supported by Splunk; also the jTDS driver means that you can’t use SSL or connection pooling: http://docs.splunk.com/Documentation/DBX/2.1.0/DeployDBX/Supporteddatabases

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In the last month, the Splunk Threat Research Team (STRT) has had 2 releases of new security content via the ...

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...