Submit a ticketCall us

Webinar: Web Help Desk for HR, Facilities and Accounting Departments
This webinar will focus on use cases for HR, Facilities and Accounting.

Having a unified ticketing and asset management system for all the departments in your company can provide end-users with a seamless experience and make things easier for your IT team. Yet, with different business tasks and objectives, many departments don’t fully understand the capabilities of Web Help Desk and how the software can be customized for effective use in their departments.
Register Now.

Home > Success Center > Database Performance Analyzer (DPA) > Use Azure AD authentication in DPA

Use Azure AD authentication in DPA

Table of contents

Updated February 14, 2017

Overview

You can use Azure Active Directory (AD) authentication in DPA if one or both of the following conditions apply to your environment:

  • Your repository database is Azure SQL.
  • You are monitoring one or more Azure SQL databases.

This form of authentication is only available if the DPA server is running on a Windows operating system.

Environment

  • DPA 11.0 and later

Steps

  1. On the DPA server, download and run ENU\x64\adalsql.msi from Microsoft.
  2. Download and run enu\sqljdbc_6.0.7728.100_enu.exe from Microsoft.
  3. Copy sqljdbc_auth.dll from Microsoft JDBC Driver 6.0 for SQL Server\sqljdbc_6.0\enu\auth\x64 to C:\Windows\System32 on the DPA server.
  4. Restart DPA.
  5. Add the Active Directory admin to the Logical Server where the monitored database is located. See step 4 in this guide from Micorsoft for more information.
  6. Connect to the Azure database with an Active Directory account and execute the appropriate script:

    For an Azure SQL repository database

    CREATE USER [activeDirectoryUser@*.onmicrosoft.com] FROM EXTERNAL PROVIDER WITH DEFAULT_SCHEMA = [ignite];
    ALTER ROLE db_owner ADD member [activeDirectoryUser@*.onmicrosoft.com];
    GO
    CREATE SCHEMA [ignite] AUTHORIZATION [activeDirectoryUser@*.onmicrosoft.com];

    For a monitored Azure SQL database

    CREATE USER [activeDirectoryUser@*.onmicrosoft.com] FROM EXTERNAL PROVIDER;
    ALTER ROLE db_owner ADD member [activeDirectoryUser@*.onmicrosoft.com];
  7. In DPA, run the Create Repository or Register Instance wizard.
  8. When entering the connection information, click Advanced Connection Properties.
  9. In the JDBC URL Properties field, enter the following and click OK:
    Authentication=ActiveDirectoryPassword;HostNameInCertificate=*.database.windows.net
  10. Click I'll create the contained user or login, and enter credentials.
  11. Complete the wizard.
Last modified
11:02, 16 Feb 2017

Tags

Classifications

Public