Announcing the Saviynt Knowledge Exchange unifying the Saviynt forums, documentation, training,
and more in a single search tool across platforms. Read the announcement here.
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Connect to Active Directory domain accounts with MS SQL database using Kerberos

Go to solution
sdey_2023
Regular Contributor
Regular Contributor

‎07/05/2023 09:29 PM

Hi Team,

we are trying to create a connection from Saviynt to MS SQL database using Kerberos authentication via Active Directory Domain Controllers. Here is the sample URL for the same: jdbc:sqlserver://desktop-8gqhcvq.savpoc.com:1433;DatabaseName=SAVMSSQL;authenticationScheme=JavaKerberos;integratedSecurity=true;userName=${USERNAME};password=${PASSWORD}

Could you please let us know if we need to open the firewall flow between Saviynt and the Domain Controllers for performing the Kerberos authentication and the port required for the same?

Labels:
0 Kudos
3 REPLIES 3

Go to solution
nimitdave
Saviynt Employee
Saviynt Employee

‎07/06/2023 01:56 AM

Please check the doc here:

https://docs.saviyntcloud.com/bundle/Database-v23x/page/Content/Appendix-WIP.htm#top

0 Kudos

Go to solution
sdey_2023
Regular Contributor
Regular Contributor

‎07/06/2023 04:41 AM

Hi Nimit, thanks for that. We did check the document, but it is not clearly mentioned if we need to have the firewall flow opened between Saviynt and the Active Directory DCs or the port to be opened for the same. Thanks.

0 Kudos

Go to solution
nimitdave
Saviynt Employee
Saviynt Employee

‎07/06/2023 05:49 AM - edited ‎07/06/2023 05:53 AM

Yes , you need to open KDC/AD port 88 UDP Protocol for this. 

Also attaching one document to help and validate the setup.

Post that you need to upload the filer under connector files from UI Admin Menu --> File directory

Path for krb5.conf to be refered in sqljdbcdriver.conf  will be /saviynt_shared/saviynt/ConnectorFiles

Once you are done validating the kerberos setup from the java client in the attached file , please raise a support ticket to enable configs at EIC/Saviynt server end.

Preview file
169 KB
Copyright © 2024 Khoros, LLC