科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>azure - Using GMSA to connect SQL Server - Stack Overflow

    azure - Using GMSA to connect SQL Server - Stack Overflow

    programmeradmin1浏览0评论

    I am able to connect from ORQA server to DB server with ORQA tool, using below jdbc connection string with GMSA account

    jdbc:sqlserver://<dbserver>:<port>;databaseName=<DBname>;integratedSecurity=true;encryption=true;trustServerCertificate=true;Persist Security Info=false;MultiSubnetFailover=true

    Username parameter: GMSA$

    Using azure devops pipeline, using self hosted agent from orqa machine, using the below connection string, I am getting error as below

    <parameter name="connectionString" defaultValue="jdbc:sqlserver://dbserver:port;databaseName=dbname;encryption=true;trustServerCertificate=true;Persist Security Info=false;username=DOMAIN\GMSA$"/>

    ERROR: test_GMSA.task:1: Login failed for user 'DOMAIN\GMSA$'

    I am able to connect from ORQA server to DB server with ORQA tool, using below jdbc connection string with GMSA account

    jdbc:sqlserver://<dbserver>:<port>;databaseName=<DBname>;integratedSecurity=true;encryption=true;trustServerCertificate=true;Persist Security Info=false;MultiSubnetFailover=true

    Username parameter: GMSA$

    Using azure devops pipeline, using self hosted agent from orqa machine, using the below connection string, I am getting error as below

    <parameter name="connectionString" defaultValue="jdbc:sqlserver://dbserver:port;databaseName=dbname;encryption=true;trustServerCertificate=true;Persist Security Info=false;username=DOMAIN\GMSA$"/>

    ERROR: test_GMSA.task:1: Login failed for user 'DOMAIN\GMSA$'

    • sql-server
    • azure
    • jdbc
    • devops
    Share Improve this question edited Feb 1 at 9:09 Dale K 27.5k15 gold badges58 silver badges83 bronze badges asked Jan 31 at 10:37 Anusha MAnusha M 531 gold badge1 silver badge6 bronze badges 9
    • Have you checked the SQL Server logs? That will give you the true authentication error. If you don't understand that error, then please add it to the question. – Thom A Commented Jan 31 at 10:38
    • Wait, username=DOMAIN\GMSA$? You can't pass domain credentials like that; it's either SQL Authentication (with a username and password), or a trusted connection (and no credentials passed in the connection string). – Thom A Commented Jan 31 at 10:39
    • How to modify the jdbc connection string to connect using GMSA account. Not SQL server authentication user – Anusha M Commented Jan 31 at 10:43
    • The process needs to run under the credentials of that account. – Thom A Commented Jan 31 at 10:45
    • GMSA doesnt have the password. It connects only with username – Anusha M Commented Jan 31 at 10:46
     |  Show 4 more comments

    1 Answer 1

    Reset to default 1

    Connection string should be

    jdbc:sqlserver://dbserver:port;databaseName=dbname;encryption=true;trustServerCertificate=true;integratedSecurity=true;

    https://learn.microsoft/en-us/sql/connect/jdbc/setting-the-connection-properties?view=sql-server-ver16

    Then run the pipeline agent as a Windows Service configured to run under the GMSA.

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论