Sun Java System Identity Manager 6.0 Resources Reference 2005Q4M3 |
Microsoft SQL ServerThe MIcrosoft SQL Server resource adapter is defined in the com.waveset.adapter.MSSQLServerResourceAdapter class.
This adapter supports the following versions of Microsoft SQL Server:
Use this adapter to manage multiple databases on the SQL server. Logins can be managed to the server itself as well as the managed databases.
If you have a custom SQL table, see Database Table on page 1-89 for information about using the Resource Adapter Wizard to create a custom Microsoft SQL table resource.
Resource Configuration Notes
None
Identity Manager Installation Notes
The Microsoft SQL Server resource adapter is a custom adapter. You must perform the following steps to complete the installation process:
- To add this resource to the Identity Manager resources list, you must add the following value in the Custom Resources section of the Configure Managed Resources page.
com.waveset.adapter.MSSQLServerResourceAdapter
- For SQL Server 2000, download the latest “SQL Server 2000 Driver for JDBC”. Copy the following jar files from the Program Files\2000 Microsoft SQL Server 2000 Driver for JDBC\lib directory to the InstallDir\idm\WEB-INF\lib directory.
Usage Notes
You can use two types of authentication with SQL Server:
- Windows authentication. SQL Server relies on Windows for all authentication and security mechanisms. When a user access SQL Server, it obtains the user and password information from the user’s network security attributes. If the user has been granted access to SQL Server from within Windows, the user is logged in to SQL Server automatically. Account IDs passed in to the adapter must be in the form of Domain\accoundID. Pass-through authentication is not supported for Windows authentication.
- Mixed mode authentication. In this scenario, both Windows authentication and SQL Server authentication are enabled. When a user connects with a specified login name and password from a non-trusted connection, SQL Server performs the authentication itself by checking to see if a SQL Server login account has been set up and if the specified password matches the one previously recorded. If SQL Server does not have a login account set, authentication fails and the user receives an error message.
The SQL Server resource adapter uses the following system procedures to manage user accounts:
Security Notes
This section provides information about supported connections and privilege requirements.
Supported Connections
Identity Manager uses JDBC over SSL to communicate with SQL Server.
Required Administrative Privileges
The following table indicates who can execute the system procedures:
Provisioning Notes
The following table summarizes the provisioning capabilities of this adapter.
Account Attributes
The following table lists the default account attributes (all strings).
Because multiple databases can be managed, the Identity Manager administrator must add account attributes for each database to be managed. These attributes must include the database name as part of the attribute name in order to differentiate them from attributes for other managed databases:
Resource Object Management
None
Identity Template
$domain$ $accountId$
Sample Forms
MSSQLServerUserForm.xml
Troubleshooting
Use the Identity Manager debug pages to set trace options on the following classes: