Skip to content
Related Articles

Related Articles

Improve Article

Microsoft SQL Server Active Directory Authentication on Linux Machine

  • Last Updated : 21 Sep, 2021

In this article, we will look into the process of connecting to an SQL Server running on Linux using a Kerberos-based identity provider. In this example, we’ll use Active Directory as a Kerberos identity provider, but this will work with other Kerberos identity providers like Red Hats Identity Manager or Centrify too. 

Follow the below steps for the MS SQL Server Active Directory Authentication on Linux machine:

Attention reader! Don’t stop learning now. Learn SQL for interviews using SQL Course  by GeeksforGeeks.

Step 1: First we’ll SSH into a SQL server running on rhel and we can see that here we have a SQL server running locally.



Step 2: Now we’ll run the below command to check that the command-line options include a -E parameter which allows you to connect using a trusted connection or using a Kerberos based identity in order to be able to connect to the server as opposed to using a SQL login and password.

sqlcmd

Step 3: Now we’re going to run the below command to get a ticket-granting token for the Active Directory user. In this particular case, the user we are logged in as has an Active Directory ID that’s been created and this particular server is also a domain-joined to an Active Directory domain.

kinit

 Step 4: So now that we’ve done a kinit, we now have a ticket-granting token here locally for this user and we can run the following command to connect to the local server. 

sqlcmd -E -S localhost

And you can see that we’re able to connect here. We can run some queries like below

select @@version

And we can see that we’re running here on Red Hat Enterprise Linux.

For Windows:

Now let’s take a look at the same kind of thing from the Windows side. So on the Windows side, we may want to connect to this SQL server running on rhel from a Windows machine using this tool called  SQL Server Management Studio, which is the most commonly used tool on the Windows side. 

So here we can just use Windows authentication. We are logging in as the Active Directory identity that we just used on the Linux side and connecting to the same server and you can see that that just works. 

Just like that it just connects using the -E parameter from Windows to Linux, using Active Directory as an identity provider to negotiate the connection between the two and authenticate this user to the server. 

My Personal Notes arrow_drop_up
Recommended Articles
Page :