Are you struggling with setting up and deploying your JDBC connector? You’re not alone!
In this must-watch guide, @Bakhari reveals the insider secrets to getting your JDBC Connector up and running FAST in Identity Security Cloud —without the headaches! Whether you’re a beginner or a pro, he’ll walk you through the step-by-step process, uncover hidden pitfalls, and share expert tips to ensure a smooth deployment. Don’t risk costly mistakes—watch this livestream and take your JDBC game to the next level!
Are you struggling with setting up and deploying your JDBC connector? You’re not alone!
I can confirm that I definitely struggled with every connector I’ve tried. Hard to configure, to debug, to understand why some “best practices” were recommended, incorrect documentation, links scattered all over the multiple SailPoint websites.
[…] reveals the insider secrets
[…] he’ll walk you through the step-by-step process, uncover hidden pitfalls, and share expert tips to ensure a smooth deployment
Could you do us a favor and please include the insider secrets in the official connector documentation?
Maybe even add a step-by-step process, which mentions the hidden pitfalls, so long these pitfalls are not handled in the connector itself?
@adamian, sounds like you’ve experienced some frustration with configuring connectors. Setup of many of our connectors, like JDBC and Web Services especially, is quite complex, and even with the documentation, there are still pitfalls due to implementation specifics. There is often no substitute for learning from someone who has experience with an advanced configuration. We aim to provide that in the Developer Community, and a recording of Bakhari’s upcoming livestream will be added to the video library. We can see a need for more walkthrough guides to supplement our documentation as well. Sounds like connectors is a good place to start!
In reality, our users are the ones who know best what should be added or clarified in our documentation to make it more useful for them. Are you familiar with the built-in documentation feedback we introduced in 2024? I encourage you to make comments on any documentation that could use some love!
To add on this, one of the bigger pain points is understanding how multiple attribute updates are made. It has caused some collisions in the source database as it seems that JDBC operations are done on a single basis per attribute, rather than batch. It seems to update one attribute, and before releasing the lock, the other attribute attempts to update, but is then blocked. This has caused the connection test and further queries directly on the database to hang until the opened connections are killed.
Would love to hear more on this on the livestream to avoid these situations and maybe batch up multiple attributes on a single provisioning operation.
I’m also interested in understanding this, but I don’t think it’s possible. When multiple attributes are updated in a source and synchronized with a connector, the history shows that each field triggers an update containing both the old and new values.
If ISC sends multiple attribute updates simultaneously, how would it determine if one of them fails?
That said, I’d love to know if there’s another way to achieve this!
Glad to know I’m not alone! As previously mentioned, documentation is a bit limited on how it works, and ways to avoid collisions. Fingers crossed this livestream will cover these problems inherit with the connector.
Hey Tim! I was checking out your question about batch attribute updates and I’m not sure I’m following. Are you referring to the Attribute Sync process on JDBC connectors, or triggering the Create/Modify events on the connector?
Both it seems, especially if Native Change Detection is enabled for specific attributes. It could be very well how I implemented it too. The provisioning rule calls a SQL Server Stored Procedure into the database we created to store a userID, along side their name/start/end/employment status/nativeIdentity.
If a modify operation kicks off, there are limited attributes it passes. On a create, the full list. However, from the events for modify account, I see each individual attribute fire off a separate event / call to the provisioning rule, even though it already passed the attribute in an earlier call on one of the multiple attributes that may be changing.
Another problem is when multiple identities are processed at once on the connector. There are a few queries that cause locking to preserve read, and the connector being fired off repeatedly, start to collide. I have to end the database connections it created and are hung. I tend to re-run the aggregation, and it’ll work. I’ve observed with with as little as two identities being updated as the same time with the connector.
Happy to chat more. I hope to be at the livestream, but will watch the recording if I miss it.
The screen resolution is really poor and unable to read any of the typed data. Not that critical as the explanations are great but it would help to understand some of what’s shared.
Existing articles are close, but I’d like to see an end-to-end guide for setting up integrated authentication in a Microsoft SQL AD environment. It should include…
Creating a krb5.conf file and understanding its contents.
Setting up VA certificates (if needed) for domains
Building a valid connection string
Use of service accounts with service principal names