Setting up integrated authentication between Novell's JDBC Driver and Microsoft SQL Server 2005

  • 3897896
  • 07-Jun-2007
  • 16-Mar-2012

Environment

Novell Identity Manager 3.5 - Driver JDBC

Resolution

Here's a summary of how to setup integrated authentication between Novell's JDBC Driver and Microsoft SQL Server 2005.

First, you should use the remote loader because the 2005 JDBC driver becomes a native driver (type 2) when you tell it to use sqljdbc_auth.dll for integrated authentication (read it's no longer Java so any bugs in said dll will abend the eDirectory process if it proves to be buggy).

1) Copy sqljdbc_auth.dll into the root-level remote loader directory (e.g., c:\novell\remote_loader).

2) Restart the remote loader service.

3) The remote loader process has to run as the Windows user authenticating to the database. In this case, I created a user named Jason on both machines w/ the same password. Keep in mind, I'm not using a domain controller. The simplest way to do this is to login as the user and start the remote loader under the current session.

4) Using Microsoft SQL Server Management Studio (Enterprise Manager + Query Analyzer all rolled-up in one), manually assign similar permissions you'd give to the "idm" user when using SQL Server authentication. For the sake of time, I made the Jason user a minor deity by granting him liberal permissions.

5) There's a limitation in the existing Novell JDBC driver in that it requires a username. To work around this, go ahead and provide one even though it won't be used at authentication time.

6) Set the integratedSecurity property in the JDBC URL to true. If you don't know what this means, consult Microsoft's documentation and it will make sense.

7) Start the driver as usual, it works!