Need help connecting SQL Server using Kerberos

Highlighted
Seven Stars

Need help connecting SQL Server using Kerberos

My Setup: Using tDBConnection(JDBC) component

I am trying to connect to a MSSQL server from linux machine using Windows Authentication. I have Kerberos setup on my server and I have a created a valid ticket. I am using the mssql-jdbc driver. I am running RHEL 7.5 and the machine is connected to a windows domain.

 

Job Run JVM arguments

-Djava.security.krb5.conf=/etc/krb5.conf

-Djava.security.auth.login.config=/home/USER@DOMAIN/TalendRemoteEngine/etc/SQLJDBCDriver.conf

 

SQLJDBCDriver.conf

SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
useKeyTab=true
keyTab=/home/USER@DOMAIN/trsja8.keytab
renewTGT=true
principal=USER@DOMAIN
doNotPrompt=true;
};

 

Component settings:

JDBC URL -> "jdbc:sqlserver://MYSERVER;databaseName=MYDATABASE;integratedSecurity=true;authenticationScheme=JavaKerberos"
Driver Class -> ""com.microsoft.sqlserver.jdbc.SQLServerDriver"

The error message I get is:

>>>KinitOptions cache name is KEYRING:persistent:274343438
[FATAL]: tDBConnection_2 Integrated authentication failed. ClientConnectionId:c1db7558-d33b-47bc-98a3-91fb3deefae5
java.lang.RuntimeException: Integrated authentication failed. ClientConnectionId:c1db7558-d33b-47bc-98a3-91fb3deefae5

 


Accepted Solutions
Seven Stars

Re: Need help connecting SQL Server using Kerberos

Answering my own question.

 

This worked for me with minor modifications:

https://jfrog.com/knowledge-base/authenticate-against-your-mssql-endpoint-using-kerberos-with-the-jd...

 

SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
useKeyTab=true
keyTab="path/to/file.keytab" # make sure this is in quotes
renewTGT=true
principal="your_windows_user@your_default_realm" #make sure it is in quotes
doNotPrompt=true;
};

All Replies
Seven Stars

Re: Need help connecting SQL Server using Kerberos

Answering my own question.

 

This worked for me with minor modifications:

https://jfrog.com/knowledge-base/authenticate-against-your-mssql-endpoint-using-kerberos-with-the-jd...

 

SQLJDBCDriver {
com.sun.security.auth.module.Krb5LoginModule required
useTicketCache=true
useKeyTab=true
keyTab="path/to/file.keytab" # make sure this is in quotes
renewTGT=true
principal="your_windows_user@your_default_realm" #make sure it is in quotes
doNotPrompt=true;
};

2019 GARNER MAGIC QUADRANT FOR DATA INTEGRATION TOOL

Talend named a Leader.

Get your copy

OPEN STUDIO FOR DATA INTEGRATION

Kickstart your first data integration and ETL projects.

Download now

What’s New for Talend Summer ’19

Watch the recorded webinar!

Watch Now

Best Practices for Using Context Variables with Talend – Part 3

Read about some useful Context Variable ideas

Blog

Talend Studio Improvements for API Services

Take a look at the Talend Studio improvements for API Services

Watch Now

Data Integration Success Stories

Take a look at some Data Integration success stories

Read