Versions Compared

Old Version 12

changes.mady.by.user Former user

Saved on

compared with

New Version 13

changes.mady.by.user Former user

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Make sure that you federated the on-premise Active Directory Federation Services (AD FS) with the Azure Active Directory in the cloud.

  2. Make the connection from a domain-joined machine that is federated with Azure Active Directory. You can access an Azure SQL Database without entering credentials when you're logged in to a domain-joined machine.

  3. Additionally, a database user representing your Azure Active Directory principal, or one of the groups the user belongs to, needs to exist in the database and have the CONNECT permission.

    Test to verify that you can connect from this machine using Active Directory Integrated Security with your same Liquibase Enterprise/Datical user via another tool such as SSMS (SQL Server Management Studio).

  4. If your connection works, continue on to Step 5.

    5. If your connection fails, here is the link to install SSMS, OBDC Driver 17, and OLE DB Driver 18: Configure Your Client Computers

  5. If your connection works, continue on to Step 5.

    6. If it fails, check to see if adal.dll is in your \Windows\System32 directory. If it is not there, install adal.dll from the following

  6. Install OLE DB driver from this link:

    https://docs.microsoft.com/en-us/sql/connect/oledb/download-oledb-driver-for-sql-server?view=sql-server-ver15

    1. This msi installer should add adal.dll to System32 and Syswow64 folders.

      Your connection via SSMS or similar tool should now work.

    2. If the connection still does not work, consult with your Azure SQL subject matter expert. For example, it might be necessary to add the adal.dll in your Windows registry.

    After verifying your connection via SSMS is successful, ensure

  7. Install ODBC Driver from this link:
    https://docs.microsoft.com/en-us/sql/connect/odbc/download-odbc-driver-for-sql-server?view=sql-server-ver15

  8. Ensure that the SQL Server JDBC Driver Authentication Library is in \Windows\System32. The file is named mssql-jdbc_auth-<version>.x64.dll where <version> is a version number for the file.

    1. If the mssql-jdbc_auth-<version>.x64.dll library is not already in \Windows\System32, it can be extracted from the following file (if you have installed the SQL Server JDBC Driver for Liquibase Enterprise/Datical): <datical-install>\plugins\com.datical.db.drivers.mssql_<version>.jar

    2. Using an archive utility, open or extract the com.datical.db.drivers.mssql_<version>.jar file to access its contents.

    3. The DLL is located in the following archive location: com.datical.db.drivers.mssql_1.0.24.jar\auth\x64\mssql-jdbc_auth-<version>.x64.dll

    4. Put the mssql-jdbc_auth-<version>.x64.dll file in \Windows\System32

  9. Make sure sqlcmd (version 13.1 or higher) is installed and on your PATH. You can install it from the following link:

    https://docs.microsoft.com/en-us/sql/tools/sqlcmd-utility?view=sql-server-ver15

Info

For more information about the configuration of the ActiveDirectoryIntegrated authentication, see Connecting using ActiveDirectoryIntegrated authentication.

8. To create a connection with the Active Directory Integrated mode in the Liquibase Enterprise/Datical DB GUI, select the following:

  • Connection Type - Azure SQL Database

  • Security – Active Directory Integrated Security

  • Also, enter your hostname, port, application name, database name, and instance name.

9. You can test the connection either by using the Test Connection button in the GUI or by running “hammer testConnect <dbDef>” from the command line. Troubleshooting for connection errors:

  • If you get the error “Login failed to authenticate the user in Active Directory (Authentication=ActiveDirectoryIntegrated)”, you may need to add a mssql-jdbc_auth-<version>.x64.dllentry in the Windows registry:

    1. Enter Registry Editor in the Windows search box on the taskbar and open the Registry Editor app. If you are prompted by User Account Control, select Yes.

    2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSJDBCAUTHDLL, double-click the TargetDir file, and then add the following path:

      Code Block
      C:\\WINDOWS\\System32\\mssql-jdbc_auth-<version>.x64.dll

    3. Select OK to save the changes.

Info

If you do not have privileges to copy files to C:\Windows\System32 or to run the Registry Editor, contact your IT support group for assistance.

  • If you receive an "Unable to load adalsql.dll" error message after downloading the adal.dll file and copying it to C:\Windows\System32, you will need to add an entry for adal.dll in the Windows registry.

Info

As the adalsql.dll file is outdated, the adal.dll should be used instead.

To add the adal.dll entry in the Windows registry:

  1. Enter Registry Editor in the Windows search box on the taskbar and open the Registry Editor app. If you are prompted by User Account Control, select Yes.

  2. Navigate to HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSADALSQL, double-click the TargetDir file, and then add the following path:

Code Block
C:\\WINDOWS\\System32\\adal.dll

...

  1. Select OK to save the changes.

Info

If you do not have privileges to copy files to C:\Windows\System32 or to run the Registry Editor, contact your IT support group for assistance.

Active Directory Password Authentication

...