- Find Answers
- :
- Splunk Platform
- :
- Splunk Enterprise
- :
- DB Connect [DBX] with Azure AD Auth for Azure MS S...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
DB Connect [DBX] with Azure AD Auth for Azure MS SQL Connections
I am trying to solve a problem where Splunk DB Connect [DBX] can leverage Azure AD authentication through JDBC driver for Azure MS SQL Server access.
Currently, upon trying to achieve similar, DBX Server ends up into a java exception -
2021-05-15 12:44:31.032 +0800 [dw-56 - POST /api/connections/status] ERROR io.dropwizard.jersey.errors.LoggingExceptionMapper - Error handling a request: be206a071cdf0267
java.lang.NoClassDefFoundError: com/microsoft/aad/msal4j/IClientCredential
...
...
Caused by: java.lang.ClassNotFoundException: com.microsoft.aad.msal4j.IClientCredential
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
... 92 common frames omitted
Microsoft has already enhanced its JDBC Driver to work with Azure AD Auth instead of native MS SQL user based -
https://docs.microsoft.com/ja-jp/sql/connect/jdbc/connecting-using-azure-active-directory-authentica...
Point #1 & #2 are about the use-cases one of which I would want make use of, #3 is something that is currently documented and works just fine.
1 - ActiveDirectoryPassword
Supported in driver version v6.0 and later, you authentication=ActiveDirectoryPassword can use your Azure AD username and password to connect to Azure SQL Database and Synapse Analytics.
Illustration of the JDBC String Usage –
jdbc:sqlserver://<instance_url>:<instance_port>;database=<db>;encrypt=true;trustServerCertificate=false;hostNameInCertificate=<instance_domain>;loginTimeout=30;authentication=ActiveDirectoryPassword
2 - ActiveDirectoryServicePrincipal
Supported in driver version v9.2 and later, you authentication=ActiveDirectoryServicePrincipal can use the client ID and secret of the service principal ID to connect to Azure SQL Database and Synapse Analytics.
Illustration of the JDBC String Usage –
jdbc:sqlserver://<instance_url>:<instance_port>;database=<db>;encrypt=true;trustServerCertificate=false;hostNameInCertificate=<instance_domain>;loginTimeout=30;authentication=ActiveDirectoryServicePrincipal;aadSecurePrincipalId=<secure_principal_id>;aadSecurePrincipalSecret=<secure_principal_secret>
3 - SqlPassword - works just fine
authentication=SqlPassword Use to connect to SQL Server using the userName or user and password properties.
- I have approached Splunk Support - They say its beyond break fix
- Then, Professional Services - They say its more of OnDemand
- Then, OnDemand - Says it needs to be an enhancement, so should be an Idea
- Now, Idea - is where I am at this moment
So, I am approaching to the community if someone has solved this problem then please share the solution / workaround, else please upvote the idea, so that it gets the due attention.
Idea - https://ideas.splunk.com/ideas/EID-I-987
Splunk Premium Customers and Partners would like to see Splunk DB Connect [DBX] Server enhanced to leverage Azure AD authentication through JDBC driver for Azure MS SQL Server access.
Currently, upon trying to achieve similar, DBX Server ends up into a java exception, detailed into the Support case attached with this idea request.
Microsoft has already enhanced its JDBC Driver to work with Azure AD Auth instead of native MS SQL user based.
Idea is simple - DBX [Req Initiation] ->> JDBC [Request Handover] ->> Azure AD [Request Auth] ->> Azure MS SQL [Request Fulfillment]
Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!
Logs to Metrics
Developer Spotlight with Paul Stout
