Password Synchronization with Microsoft SQL Server
ADSelfService Plus’ Real-time Password Synchronizer helps ensure users have only one password between different applications to reduce password related issues. This means, every time a user resets or changes their Active Directory password, the new password will automatically be synced with the user’s MS SQL account.
Before you begin:
- Make sure that the SQL user account that is to be configured has either the 'sysAdmin' or 'Alter any Login' privilege.
- Install the Password Sync Agent to synchronize native password changes and resets.
Configuration steps
-
Log into ADSelfService Plus admin console with admin credentials.
-
Navigate to Configuration → Self-Service → Password Sync/ Single Sign On.
-
Select the Microsoft SQL Server application.
Note:
You can also find Microsoft SQL Server application that you need from the search bar located in the left pane or the alphabet wise navigation option in the right pane.
-
Enter the Application Name and Description.
-
In the Assign Policies field, select the policies for which SSO need to be enabled.
Note:ADSelfService Plus allows you to create OU and group-based policies for your AD domains. To create a policy, go to Configuration → Self-Service → Policy Configuration → Add New Policy.
-
Select Enable Password Sync.
-
Enter the System Name/IP Address of the server on which Microsoft SQL Server instance is deployed.
-
Enter the Port Number used by the MS SQL server.
-
Based on the configurations in your Microsoft SQL Server instance, select SSL or Non-SSL in the Protocol field which would define the connection type.
-
Select either Windows or SQL as the Authentication Type.
-
If you have selected SQL as an authentication type, enter the User Name and Password of the SQL user account (from Before you begin).
-
If you have selected Windows as an authentication type, enter your domain login credentials.
-
Click Add Application.
Possible errors and their troubleshooting steps.
-
Error: Connection refused or Invalid System Name or Port Number
Troubleshooting steps:
-
Error: SQL Server Certificate is not trusted by JVM, need to import it in JVM.
Troubleshooting steps:
-
Either copy or export the SSL certificate that you applied, and paste it under <Install Directory>\jre\bin folder (Default location:C:\ManageEngine\ ADSelfService Plus\jre\bin).
-
Open an elevated command prompt and execute the following command:
Keytool -importcert -alias myserver -keystore ..\lib\security\cacerts -file mymssql.cer -keypass changeit -storepass changeit -noprompt
-
Restart ADSelfService Plus.
-
Now, try establishing the SSL connection.