Documentation

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Panel
borderColor#000000
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#000000
borderWidthborderStyle1solid
titleIntroduction
borderStylesolid

Use this guide along with the  Data Tab Configuration  guide to configure a SecureAuth IdP realm that uses SQL Server as an additional Profile Provider.

Panel
borderColor#444443
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#444443
borderWidthborderStyle1solid
titlePrerequisites
borderStylesolid

1. Have an on-premises SQL Server data store

2. A Designate a service account with read access (and optional write access) for SecureAuth IdP

Panel
borderColor#135570
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#135570
borderWidthborderStyle1solid
titleSQL Server Configuration Steps
borderStylesolid
Section
Column
width50%

Column

1. In the Profile Provider Settings section, select True from the Same as Above dropdown to copy the data store integration from the Membership Connection Settings section for use in profile connection; or select False if that directory is only used for the membership connection.

2. Select SQL Server from the Default Profile Provider dropdown if SQL is to be used as the default profile provider

Info
  • If another SQL Server data store is configured in the Membership Connection Settings section, and True is selected from the Same as Above dropdown, then those settings appear in the Profile Connection Settings (below) and must be modified to reflect the settings of the new SQL Server data store
  • Only one SQL Server can be utilized for profile connection
  • If another directory is selected from the Default Profile Provider dropdown, then SQL Server must be selected from Source dropdown in the Profile Fields section for the SecureAuth IdP Properties that are mapped to SQL Server fields
Panel
borderColor#116490
bgColorwhite
titleColorwhite
borderWidth1
titleBGColor#116490
borderWidthborderStyle1solid
titleProfile Connection Settings
borderStylesolid
Section
Column
width50%

Column

 

3. Select SQL Server from the Data Store dropdown

4. Provide the Fully Qualified Domain Name (FQDN) or the IP Address in the Data Source field

5. Provide the Database Name in the Initial Catalog field

6. Select True from the Integrated Security dropdown if the IIS app pool's service account is to be used in the connection (see Integrated Auth Requirements below)

Select False to specify a SQL service account instead

UI Expand
titleIntegrated Auth Requirements

1. Join the server to the domain to utilize a domain service account

2. In IIS, set the application pool Identity for both the .NET v4.5 and SecureAuth0 app pools to use the preferred service account; and set Load User Profile to True

3. Make the service account a member of the local administrators group of the SecureAuth IdP server(s)

4. Perform an IIS reset after making the changes

7. Select True from the Persist Security Info dropdown if access to the username and password information is allowed

8. Provide the User ID of the SecureAuth IdP Service Account (if False is selected in step 6)

9. Provide the Password associated to the User ID (if False is selected in step 6)

10. Click Generate Connection String, and the Connection String will auto-populatepopulates

11. Create a list of Allowed Groups that can access the target resource of this realm

12. Provide the Stored Procedure Name for Get Profile SP

13. Provide the Stored Procedure Name for Update Profile SP

14. Click Test Connection to ensure that the connection is successful

Info

Refer to  Data Tab Configuration  to complete the configuration steps in the Data tab of the Web Admin

Info

Refer to SQL User Data Store Tables and Stored Procedures Configuration Guide for information regarding profile mapping