Cannot scan Microsoft SQL database with jTDS driver in DLP network discover
Article ID: 163941
Updated On:
Products
Data Loss Prevention Network Discover
Data Loss Prevention Endpoint Discover
Issue/Introduction
After installing jTDS driver and configuring NTML login with domain name
SQLSERVER://<server>:<port>/<database>;domain=<domain>;useNTLMv2=true
When the network discover scan starts, it fails because of an issue with untrusted domain.
The login is from an untrusted domain and cannot be used with Windows authentication.
Cause
Lack of permissions to authenticate a service in Kerberos
Resolution
Add SPN for the service MSSQLSvc/<hostname> and MSSQLSvc/<fqdn>
Reference:
Service Principal Name
https://msdn.microsoft.com/en-us/library/ms677949(v=vs.85).aspx
Feedback
Yes
No
Powered by
