Windows Authentication: Microsoft SQL Server

Hello Experts,

I am trying to connect ISC with MS SQL server using the out-of-the box connector available in SailPoint ISC. We are trying to use Windows Authentication.

We have followed some of the guidance provided here in the community:

The issue we are having is we are getting the “unable to obtain Principal Name …”.

The second link I have included here has very nice and step by step guide document from Brennen Scott that we were trying to follow: However,
We won’t be able to use the same service account that runs the MSSQLSvc and have the right SPN record as shown in the document.

We need to use a different windows account but we cannot set the SPN that it needs since it is used by the service account that runs the MSSQLSvc service in the server.

So, we are not able to move forward and hoping if anyone here faced the similar issue and had some insights on resolution. Any information helps.

Thanks in advance.

Thanks,
Nischal

Hi @nadhikari_identitynow,

In the past for OOTB connector (Microsoft SQL Server) we had the same requirments to use Windows account for AuthN so we used JTDS driver instead of JDBC and used below configs.

Auth Type: Windows AuthN
DB URL: jdbc:jtds:sqlserver://:;domain=<your_domain>integratedSecurity=true;useNTLMv2=true;
Driver class: net.sourceforge.jtds.jdbc.Driver
Jar file: jtds-1.3.1.jar (can be downloaded from jTDS - SQL Server and Sybase JDBC driver - Browse /jtds at SourceForge.net)

Might worth a try to see what it pulls.

Thanks,
Shubham

Hi Shubham,

Thank you for your response. Just to confirm, you are using generic JDBC connector and JTDS driver? Or you are using Microsoft SQL Server connector and JDTS Driver?
Please confirm.

Thank you.

-Nischal

We are using Microsoft SQL Server connector and JTDS Driver.

Thanks,
Shubham

Did you ever resolve this?

No. We weren’t approved to use the open-source JTDs. SQL Authentication was eventually used.