All Apps and Add-ons

Why does my DB Connect not connect to Microsoft SQL Server using Kerberos authentication?

Path Finder

I am running a linux server and trying to establish a connection to McAfee with the SQL server using kerberos authentication. I have downloaded and installed the correct driver and DB connect recognizes the driver. When trying to create a new connection, I receive the error, "com.microsoft.sqlserver.jdbc.SQLServerException: Integrated authentication failed. ClientConnectionId: blah blah". When I look through the dbx_server logs, I find the same error as above, but also another log with an error. The other log states "ClientConnectionId: blah blah cause={} org.ietf.jgss.GSSException: No Valid credentials provided (Mechanism level: Server not found in Kerberos database (7))". Does anyone know what the issue is that is keeping the linux machine from establishing the connection?

0 Karma

Motivator
0 Karma

Builder

Unix + kerberos in a microsoft active directory environment is tricky. Typically when you see a "server not found in kerberos database" error, you're trying to invoke-command (via winrm) from one windows machine to another, and your trustedhosts config is too restrictive. I'm not positive what the equivalent is on unix, but you might try using kinit first to see if you can request a ticket with the account you're using to connect remotely. That might rule out some problems. For instance: kinit myuser@MY.DOMAIN.COM. If it prompts you for your password, and klist now shows the ticket, things should be in a good state. If your unix host isn't configured to find the domain controllers, you might be running into issues there. I have a similar setup but I think my driver is different. I can confirm after you do some more testing.

0 Karma

Path Finder

I was able to perform kinit command and klist provided me a ticket. I was initially given the wrong Port to connect to. After the change, the new error stated, "com.microsoft.sqlserver.jdbc.SQLServerException: Integrated authentication failed. ClientConnectionId:blah". I thought that since maybe we had a specific instance to connect to, I added "instanceName=myInstance" to the JDBC URL as stated in Splunk Docs. After this update, I encountered a new error. The new error stated, "There was an error processing your request. It has been logged (ID blah)."

0 Karma