This technical document explains how we can setup Transparent Login capabilities to a SQL Server database application that you have configured within your CA PAM instance.

Release: PAM-Management Console-OVA Appliance

First, make sure you have created the device under Devices -> Manage Devices -> Create Device.

Next, create your RDP Application under Services -> RDP Applications.  Make sure the Launch Path string matches exactly what the destination is on the targeted SQL Server.  Check Enable and Transparent Login on the Administration flag.  The Window Title should be the window in which you are authenticating against.  When you go to authenticate against SQL Server, you will see the 'Connect to Server' dialogue box spawn.  You will want to Save this. The Application Fingerprint and Transparent Login Configs can be figured out later.

Once you have assigned your new Service to the device via Managed Devices and saved your work, you will want to click the Access page.  Hover your mouse over the RDP hyperlink under Access Methods and you will see a dialogue box where we can select 'Learn mode' and click the Launch button:

You will see a Learn Tool on your Windows session now that looks like this:

We want to click 'Add new configuration' and give it a name you will use within the Transparent Login Configs menu for later.  Next, you will want to launch SQL Server.  Your configuration should look like this after you are done creating a new configuration:

Click 'Run Control Viewer' and use the magnifying glass to drag it over to the 'Server name' textbox (note: do not hover the Browse Tool over the down arrow on the dropdown box, only on the inside of the box).  Your Control Viewer box should look identical to mine if it is SQL Server 2012.

Next, click 'Text input' and pick Text Field for Element Type, fill in Element ID with the Instance data you have in your Control tab of your Control Viewer, and for Value put in your SQL Server name you are connecting to:

Now, we want to put in a macro keyboard click that after we submit the Value string, we would then press Enter to log us into the database.  Again, click 'Text input' and click Keystrokes for the Element type dropdown box.  Grab the same Instance as before and insert that into the Element ID, and for Value put in '{ENTER}':

Next, get the 'Application Fingerprint', specify the App Path and you will see the tool generate an Application Fingerprint.  That Application Fingerprint, as aforementioned, needs to be populated on the RDP Application side again.

For information on how to Troubleshoot RDP Application with Transparent Login, please refer to the following KB.

https://knowledge.broadcom.com/external/article?articleId=47077