SQL Server - New and Classic Web Admin

The Connection String lets SecureAuth IdP communicate with the data store. Click advanced mode to customize the content of the string.

Provide the Data Source server's Fully Qualified Domain Name or IP address, and also the Initial Catalog (database name) to be used in the connection string.

Enable Integrated Security if the IIS app pool service account should be used in the connection.

Enable Persist Security Info to let SecureAuth IdP access username and password information.

Equivalent configuration on Data tab in Classic Experience

DataStore Connection

CONNECTION STRING

• Data Source – Provide the server's Fully Qualified Domain Name or IP address to be used in the connection.

• Initial Catalog – Provide the database name to be used in the connection.

• Integrated Security – Select True if the IIS app pool service account should be used in the connection.

• Persist Security Info – Select True to let SecureAuth IdP access username and password information.

• Connection String – Click Generate Connection String to auto-populate the Connection String field. Or check the Custom Connection String box and enter a custom Connection String.

NOTE: The Password Format setting appears under ADVANCED SETTINGS.

Select the option SecureAuth IdP will use to log on the connected data store.

You can enter the SQL User ID email address and Password for SecureAuth IdP to use, or provide account information from an integrated CyberArk Password Vault that stores this service account information.

Equivalent configuration on Data tab in Classic Experience

Datastore Credentials

CREDENTIALS

• Use CyberArk Vault for credentials – Select this option if a CyberArk Password Vault is connected to SecureAuth IdP.

• User ID / Password – If a CyberArk Password Vault is not used, then provide the User ID and Password SecureAuth IdP will use to log on the data store.

Select the Password Format to specify how SecureAuth IdP will store the service account password in the directory: Clear, Hashed, or Encrypted.

Equivalent configuration on Data tab in Classic Experience

DataStore Connection

ADVANCED SETTINGS

• Password Format – Select the format for storing the service account password in the directory: clear, hashed, or encrypted.

Use the pre-configured stored procedure values, or provide custom values.

Equivalent configuration on Data tab in Classic Experience

Stored Procedure Configuration

STORED PROCEDURE CONFIGURATION

Provide values for: Get user SP, Validate / Get Password SP, Reset Password SP, and Create User SP.

Map fields in SQL Server to data store properties, as required for your configuration. See SQL User Data Store Tables and Stored Procedures Configuration Guide for reference.

Equivalent configuration on Data tab in Classic Experience

Profile Fields sectionMap Data Store Properties

• Not all Property Names in the Classic Experience appear in the New Experience:

  Classic Experience	New Experience
  Groups
  First Name	First Name
  Last Name	Last Name
  Phone 1	Phone 1 (Work)
  Phone 2	Phone 2 (Mobile)
  Phone 3 / 4	Phone 3 / 4 (Alternate)
  Email 1	Email 1 (Work)
  Email 2	Email 2 (Personal)
  Email 3 - 4	Email 3 - 4 (Alternate)
  PIN	PIN
  KB Questions	Knowledge Base Questions
  KB Answers	Knowledge Base Answers
  Aux ID 1 - 10	Aux ID 1 - 10
  Cert Serial Number
  Cert Reset Date
  Certificate Count
  Certificate Expiration
  Mobile Reset Date
  Mobile Count
  iOS Devices	Device Profiles
  Ext. Sync Pwd Date	Google Sync Password Date
  Hardware Token	Hardware Token
  OATH Seed
  One Time OATH List	One Time OATH List
  Fingerprints
  Push Notifications	Push Notification Tokens
  OATH Tokens	OATH Token
  Access Histories	Access Histories
  Behavior Biometrics

Click Save.

The added data store appears on the User Data Stores list.