Documentation forSecurity Event Manager

Microsoft SQL Server connectors authentication methods

When creating connector for MSSQL Server, there are two authentication methods currently available:

  • SQL Authentication
  • Windows Authentication

SQL Authentication

SQL authentication is the simplest solution.

  • There must be a user created in the database to which you are trying to connect.
  • Database connectors have the option attribute defined in DefaultReaderConfiguration, but in this case this attribute should be empty
  • The user connecting must have the privilege to read from accessed table/view.

Windows Authentication

Windows authentication takes advantage of Windows Users and Active Directory to authenticate to the database. However, Microsoft's JDBC driver does not support remote logging as a specific user, so you have to work around that. To do so, SEM should be configured as following:

  • Agent needs to be installed on the machine with database
  • Agent service must run as User, and want to connect to the database:
    1. Go to Services and right-click on agent service.
    2. Select Properties.
    3. Go to Log On tab. and Select using This account.
    4. Fill in the credentials for the required user to login to the database.
    5. Restart the service.
  • The user connecting must have the privilege to read from the accessed table/view.
  • The account filled in service must have administrator rights for FIM and USB Defender to work.
  • When configuring the connector, the option field should have integratedSecurity=true filled in