Configure an MS SQL Server DataDirect datasource on your Guardium®
system.
Tip: To set a dynamic IP, go to the DB server and set the dynamic port type to
0. Remove TCP/IP and restart the services.
Supported Authentication Methods
| Authentication |
Supported |
| Local user |
Yes |
| LDAP |
Yes |
| Kerberos |
No |
| SSL |
Yes |
| Mutual SSL |
No |
Parameters
| Field |
Description |
| Host Name/IP |
Required. The hostname or IP address of the datasource. |
| Port number |
Required. Default value: 1433. |
| Instance name |
The name of the instance to which you want to connect on the server. |
| Database |
The name of the database.
The default value is Master. |
| Connection property |
Properties that must be included in the JDBC URL to establish a JDBC
connection with the datasource. The required format is
property1=value;property2=value, where each property and value pair is
separated by a semicolon.
For examples, refer to the database vendor's JDBC
documentation.For
example, domain=domain_name;AuthenticationMethod=authentication_method; encryptionMethod=encryption_method;validateServerCertificate=true_or_false;
Where:
- domain_name is the name of the domain server. If the driver cannot determine
the domain name, the connection fails and produces an error.
- AuthenticationMethod determines the authentication method that the driver
uses when a connection is established. If the authentication method is not supported by the database
server, the connection fails and produces an error.
The following values for
AuthenticationMethod are valid:
For Windows authentication, use the following
property: domain=domain_name;AuthenticationMethod=ntlmjava
To use NTLMv2
for Windows authentication, use the following
property: domain=domain_name;AuthenticationMethod=ntlm2java
Attention:
- If you specify AuthenticationMethod=ntlmjava when the LMCompatabilityLevel is restricted to
NTLMv2, an error is returned. When the LMCompatabilityLevel is restricted to NTLMv2,
AuthenticationMethod must be set to ntlm2java.
- If you specify AuthenticationMethod=ntlmjava or AuthenticationMethod=ntlm2java, you must also
specify the name of the domain server that administers the database. You can specify the domain
server by using the domain property. If the domain property is not specified, the driver tries to
determine the domain server from the user property. If the driver cannot determine the domain server
name, it returns an exception.
- For nonstandard databases:
If you are using a nonstandard database Unicode such as
Azeri_Cyrillic_100_CI_AS or Chinese_Hong_Kong_Stroke_90_CI_AS, then add the following parameter to
the connection property: CodePageOverride=UTF-8
- For SSL authentication:
To use SSL, add the following property,
encryptionMethod=SSL;validateServerCertificate=false
- Connecting to named instances:
|
| Custom URL |
The connection string to the datasource. When the custom URL is not provided,
the datasource connection is made by using properties such as the hostname and port number. |
CAS (Configuration Auditing System) database instance
If you are a CAS user, configure the CAS database instance.
| Field |
Description |
| Account |
The name of the account owner. Required if Windows Authentication is used. |
| Directory |
The name of the installation directory.To
use the datasource for Vulnerability Assessments, enter the path to your database instance home
directory, for example,
- MSSQL2014, default instance
C:\Program Files\Microsoft SQL
Server\MSSQL12.MSSQLSERVER\MSSQL
- MSSQL2016, Name instance
C:\Program Files\Microsoft SQL
Server\MSSQL13.SQL2016\MSSQL
- Oracle 2019
C:\Program Files\Microsoft SQL
Server\MSSQL15.MSSQLSERVER\MSSQL
To use the datasource for other tests such as CAS file monitoring, enter the path to the
MS SQL Server directory, for example,
- C:\Program Files (x86)\Microsoft SQL Server
- C:\Program Files\Microsoft SQL Server
|