All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Issue with dbconnect version 2 with Windows authentication for SQL Server

cdo_splunk
Splunk Employee
Splunk Employee
‎05-07-2015 10:08 AM

Issue with dbconnect version 2 with Windows authentication for SQL Server using sql server jar file

Reply
1 Solution
Solved! Jump to solution
Solution

cdo_splunk
Splunk Employee
Splunk Employee
‎05-07-2015 10:12 AM

DBconnect version 2 with window authentication for sql server only worked with jTDS driver

Workaround
Add the below entries to db_connections.conf(for the particular connection) OR db_connection_types.conf(for the connection type)
jdbcUrlFormat = jdbc:jtds:sqlserver://<host>:<port>/<database>;useCursors=true;domain=<domain_name>;useNTLMv2=true
domain_name = MSSQLSERVER12
Change the Username in the identity to have only the username(ex.bamboo) instead of domain-name\username(MSSQLSERVER12\bamboo).
Once the above changes are made, validate all flows and make sure they work.
--Db connect version 1.x and db connect version 2 only support sql server window authentication using jTDS driver. The jTDS driver does not support connecting over Secure Sockets Layer (SSL), nor does it support database connection pooling. If you want to use sql server database driver , you need to use sql server authentication.

View solution in original post

Reply
Solved! Jump to solution

cdo_splunk
Splunk Employee
Splunk Employee
‎05-21-2015 02:11 PM

To connect to Microsoft SQL Server with DB Connect using the Microsoft JDBC Driver for SQL Server and Windows authentication, follow these instructions. Be aware that these instructions assume that you're running Splunk Enterprise on Microsoft Windows.

Modify the jdbcUrlFormat setting in the db_connection_types.conf file to include integratedSecurity=true. For example:

jdbcUrlFormat = jdbc:sqlserver://<host>:<port>;databaseName=<database>;selectMethod=cursor;integratedSecurity=true

From the Microsoft JDBC Driver 4.0 for SQL Server download, locate the sqljdbc_auth.dll file. This file is at the following path, where <region_code> is the three-letter region code (for example, enu for U.S. English), and <architecture> is the processor type (x86 or x64):

    Microsoft JDBC Driver 4.0 for SQL Server\sqljdbc_4.0\<region_code>\auth\<architecture>\sqljdbc_auth.dll

Copy the sqljdbc_auth.dll file to C:\Windows\System32 on your Splunk Enterprise server.
From the Windows Control Panel, go to Services, and then get properties on "Splunkd Service."
Click the Log On tab, and then change the "Log on as" setting from the Local System account to that of the logged on domain user.

    Note: The domain user should have sufficient privileges to access the SQL Server instance. 

Save your changes, and then restart the Splunk Enterprise server for the changes to take effect.
Reply
Solved! Jump to solution
Solution

cdo_splunk
Splunk Employee
Splunk Employee
‎05-07-2015 10:12 AM

DBconnect version 2 with window authentication for sql server only worked with jTDS driver

Workaround
Add the below entries to db_connections.conf(for the particular connection) OR db_connection_types.conf(for the connection type)
jdbcUrlFormat = jdbc:jtds:sqlserver://<host>:<port>/<database>;useCursors=true;domain=<domain_name>;useNTLMv2=true
domain_name = MSSQLSERVER12
Change the Username in the identity to have only the username(ex.bamboo) instead of domain-name\username(MSSQLSERVER12\bamboo).
Once the above changes are made, validate all flows and make sure they work.
--Db connect version 1.x and db connect version 2 only support sql server window authentication using jTDS driver. The jTDS driver does not support connecting over Secure Sockets Layer (SSL), nor does it support database connection pooling. If you want to use sql server database driver , you need to use sql server authentication.

Reply
Get Updates on the Splunk Community!

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...

Adoption of Infrastructure Monitoring at Splunk

  Splunk's Growth Engineering team showcases one of their first Splunk product adoption-Splunk Infrastructure ...