Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

borderColor#000000
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#000000
borderStylesolid
titleIntroduction

Use this guide along with

...

the Data tab configuration guide to configure a SQL Server-integrated SecureAuth IdP realm. 

...

An on
UI Text Box
sizemedium
typenote

If connecting SecureAuth IdP to SQL Server User Data Store using Windows Authentication, click here to view the instructional see the SecureAuth SQL Server Windows ID Implementation PDF. 

Panel
borderColor#444443
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#444443
borderStylesolid
titlePrerequisites

Prerequisites

  • SecureAuth IdP version 9.1 and later
  • On-premises SQL Server data store
  • A service account with read access (and optional write access) designated for use by SecureAuth IdP

...

...

SQL Server

...

Column
width50%

Image Removed

...

width50%

Datastore Type

1. Select SQL Server from the Type dropdown

Datastore Credentials

...

configuration steps

...

  1. In the SecureAuth IdP Web Admin, select the Data tab. 
  2. In the Membership Connection Settings section for the Datastore Type, set the Type to SQL Server.
      Image Added

  3. In the Datastore Credentials section, do one of the following: 

With this feature, steps 2 and 3 are not required

    • Otherwise, set the User ID of the SecureAuth IdP Service Account

...

3. Provide the Password associated with the User ID

DataStore Connection

...

    • and associated Password
      Image Added
  1. In the Datastore Connection section, set the following: 

    Borderless_tables
    Data SourceSet to the Fully Qualified Domain Name (FQDN)

...

  1.  or the IP Address

...

  1. Initial Catalog

...

...

  1. Set to the database name. 
    Integrated Security

    Set to one of the following: 

    • True –  Use the IIS app pool

...

    • service account

...

    • in the connection (see  Integrated Auth Requirements   below)

Select False to specify a SQL service account instead
 

    • UI Expand
      titleIntegrated Auth Requirements

      1. Join the server to the domain to utilize a domain service account.

      2. In IIS, set the application pool Identity for both the .NET v4.5 and SecureAuth0 app pools to use the preferred service account; and set Load User Profile to True.

      3. Make the service account a member of the local administrators group of the SecureAuth IdP server(s).

      4. Perform an IIS reset after making the changes

...

    • .

    • False – Use a SQL service account
    Persist Security Info

...

  1. To allow access to the username and password information

...

  1. , set to True
    Generate Connection StringClick Generate Connection String

...

  1. and it autopopulates the Connection String

...

  1. field. 
    Password FormatIndicate how the service account password is stored in the directory

...

Group Permissions

...

  1. Image Added

  2. In the Group Permissions section, set the following: 

    Borderless_tables
    Allowed GroupsCreate a list of

...

  1. groups allowed access to the target resource of this realm. For example,

...

  1. Admins
    Denied GroupsCreate a list of

...

  1. groups not allowed access to the target resource of this realm.

...

  1. Max Invalid Password AttemptsSet the maximum number of password attempts before the user

...

  1. account is locked

    Image Added

  2. In the Stored Procedure Configuration

...

  1. section, provide the stored procedure names for the following fields:

    • Get User SP

...

    • Validate/Get Password SP

...

    • Reset Password SP

...

    • Create User SP

...

17. Click Test Connection to ensure that the connection is successful

...

typetip
  1. To test the connection, click Test Connection
    If using a Custom Connection String and experience an error when testing the connection,

...

  1. see the Custom Connection String Error

...

  1.  section for a workaround

...

Info

Refer to Data Tab Configuration to complete the configuration steps in the Data tab of the Web Admin

Info

Refer to SQL User Data Store Tables and Stored Procedures Configuration Guide for more configuration information

...

  1. .

Custom Connection String Error

...

Column
width50%

Image Removed

...

When a custom connection string is manually entered, an error

...

might occur when testing the connection

...

. This can prevent the SQL

...

server from successfully

...

integrating with SecureAuth IdP

This error

...

can occur when the  Custom Connection String

...

 check box selected and the  Connection String  is manually entered into the field

...

instead of being generated by the Web Admin

Image Added

Workaround

See the following steps for a workaround to this issue.

  1. Go to the System Info tab. 
  2. In the Links section, click the Click to edit Web Config file link. 
    Image Added
  3. In the Web Config Editor, search for SQLServer and

...

  1. enter the connection string in the web configuration file. 
    Image Added
  2. Save your changes. 
    This enables a successful connection; however clicking Test Connection in the Data tab might still yield an error.