- Overview
- Configuration
Microsoft SQL Server
Simplify SQL Server access with AD Password synchronization
Microsoft SQL Server is a widely used relational database management system for managing organizational data. Integrating ADSelfService Plus with Microsoft SQL Server enables Active Directory (AD) password synchronization, providing a unified login experience for users and reducing password fatigue.
Streamlined database access for users
Allow users to access a database without the hassle of managing separate credentials.
Enhanced security through consistent password policies
Support a unified password policy—including breached password protection—across Microsoft SQL Server and AD, strengthening database security and helping maintain compliance.
Reduced help desk requests for password resets
Synchronize AD passwords with Microsoft SQL Server to allow users to benefit from seamless access, reducing password-related support requests and improving overall user experience.
Password Synchronization with Microsoft SQL Server
ADSelfService Plus’ Real-time Password Synchronizer helps ensure users have only one password between different applications to reduce password related issues. This means, every time a user resets or changes their Active Directory password, the new password will automatically be synced with the user’s MS SQL account.
Before you begin:
- Make sure that the SQL user account that is to be configured has either the 'sysAdmin' or 'Alter any Login' privilege.
- Install the Password Sync Agent to synchronize native password changes and resets.
Configuration steps
- Log into ADSelfService Plus admin console with admin credentials.
- Navigate to Configuration → Self-Service → Password Sync/ Single Sign On.
- Select the Microsoft SQL Server application.Note: You can also find Microsoft SQL Server application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
- Enter the Application Name and Description.
- In the Assign Policies field, select the policies for which SSO need to be enabled. Note: ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
- Select Enable Password Sync.
- Enter the System Name/IP Address of the server on which Microsoft SQL Server instance is deployed.
- Enter the Port Number used by the MS SQL server.
- Based on the configurations in your Microsoft SQL Server instance, select SSL or Non-SSL in the Protocol field which would define the connection type.
- Select either Windows or SQL as the Authentication Type.
- If you have selected SQL as an authentication type, enter the User Name and Password of the SQL user account (from Before you begin).
- If you have selected Windows as an authentication type, enter your domain login credentials.
- Click Add Application.
Possible errors and their troubleshooting steps.
- Error: Connection refused or Invalid System Name or Port Number
- Troubleshooting steps:
- Ensure that you have typed the port number specific to the targeted MS SQL server instance.
- Check the status of the MS SQL server. If it is shutdown, start it. Check if the MS SQL server is reachable. If it is unreachable, check the network connections using the telnet command.
- telnet hostName/ipaddress portnumber
- If you've forced SSL in MS SQL server, make sure you've selected SSL from the Protocol drop-down in ADSelfService Plus' MS SQL configuration page.
- Error: SQL Server Certificate is not trusted by JVM, need to import it in JVM.
- Troubleshooting steps:
- Either copy or export the SSL certificate that you applied, and paste it under <Install Directory>\jre\bin folder (Default location:C:\ManageEngine\ ADSelfService Plus\jre\bin).
- Open an elevated command prompt and execute the following command:
- Keytool -importcert -alias myserver -keystore ..\lib\security\cacerts -file mymssql.cer -keypass changeit -storepass changeit -noprompt
- Restart ADSelfService Plus.
- Now, try establishing the SSL connection.