How to configure Release Automation to use Windows Active Directory Authentication instead of SQL Authentication with MS SQL Server?
book
Article ID: 45946
calendar_today
Updated On:
Products
CA Release Automation - Release Operations Center (Nolio)CA Release Automation - DataManagement Server (Nolio)
Issue/Introduction
How to configure Release Automation to use Windows Authentication instead of SQL Authentication with MS SQL Server?
Environment
Release Automation version 6.x
Cause
The Management Server and the Database Server are on two different computers in an Active Directory Domain.
SQL based accounts are restricted in the environment and cannot be used for authentication across servers. Is there a way to install Release Automation and use Windows Active Directory Authentication instead of using SQL Server Authentication?
Resolution
To use Windows Active Directory Authentication, you will need to create the ‘nolio_db’ database manually before installing the Management Server. Please follow the instructions below for the same:
Create the database manually as per the following link: Set Up the Database Note: You need to add the Active Directory Domain User account to database security with 'dbowner' user mapping on the 'nolio_db' database in Step 6 outlined in the link.
Locate and backup RA_HOME/webapps/datamanagement/WEB-INF/distributed.properties, then:
Make sure there is an entry for data.management.database.user, but keep it blank.
Make sure there is an entry for data.management.database.pwd, but keep it blank.
Example distributed.properties (Configured for MSSQL Server -> Windows authentication): # Database props data.management.database.host = TESTDBSERVER data.management.database.port = 1433 data.management.database.name = nolio_db data.management.database.user = # The DB password shall be encrypted. Please use the encrypt_password.bat/sh utility to encrypt the password. data.management.database.pwd = data.management.database.create = false
Note: If the database is installed on a named instance then use <DBServerName\\Instance name>. Example: data.management.database.host = TESTDBSERVER\\INST1 (A double backslash is required to specify the instance)
Locate and backup RA_HOME/webapps/datamanagement/WEB-INF/database.properties. Make sure all entries are commented - except for the MS SQL Server settings entries
Change the ‘database.jdbc.url’ value in database.properties as below: FROM database.jdbc.url = jdbc:sqlserver://${data.management.database.host};databaseName=${data.management.database.name} TO database.jdbc.url = jdbc:sqlserver://${data.management.database.host};databaseName=${data.management.database.name};integratedSecurity=true
Note: There should only be one database.jdbc.url defined. Comment any duplicates and be sure the uncommented entry is valid. This includes making sure that it has port information if necessary. If your SQL Server does not use the default port then you should also include the port information. In that case the entry would look something like this: database.jdbc.url = jdbc:sqlserver://${data.management.database.host}:${data.management.database.port};databaseName=${data.management.database.name};integratedSecurity=true
Change the Nolio Release Automation Server service to run with the Domain User account that you created with dbowner user mapping.
Open services.msc
Find the service and open its properties for: Nolio Release Automation Server
Click the "Log On" tab.
Set "This Account" and add the user@domain id to the account field and its password.
Make sure that the user starting the Nolio Release Automation Server service (in step 5) has Full Control of the ReleaseAutomationServer folder/subfolders/files.