Provisioning logins in MS SQL
Provisioning of Login Accounts in MS SQL Server can be automated through account definitions in One Identity Manager. To automate the provisioning of Login Accounts, create an account definition for UNSAccountB and specify the MS SQL target system. Ensure that the account definition has the associated mappings with UNSAccountB for the successful processing of Login creation process.
Automating Login Account creation
The user accounts from the Active Directory (AD) are synchronized using the Active Directory connector for One Identity Manager. After synchronizing, the corresponding entries are displayed in the Identity section of the Manager tool. Assigning an account definition for the identity and saving operation creates a Windows Login for the Active Directory account in MS SQL Server.
Automating Login Account creation
- Create an account definition for the MS SQL Server target system using the Manager tool.
- Define an IT operating data mapping for AccountType column of the UNSAccountB table.
- After the account definition is configured, assign it to the Identity.
- Click Save.
An entry is created in the UNSAccountB table and the process for provisioning of Login is triggered.
NOTE:
- If there is an issue in automating the Login Account creation, check the job queue for a detailed information about the issue.
- Ensure that the correct values have been set in the AccountType and LoginName fields of the UNSAccountB table in the Manager tool.
Troubleshooting
Issues related to the use of this module range from server-related issues to Job server latencies. Some of the issues that can affect the use of this module are mentioned here:
-
Network issues connecting the database instance with the Job server handling database synchronization and provisioning tasks.
-
For details about the errors related to Microsoft SQL Server and Oracle databases, see the Job server logs.
-
Detailed information on the errors for the SAP HANA Synchronization or Provisioning is not available in the Job Queue, as it uses SAP HANA client assemblies.
-
Connectivity issues related to the instance unavailability or incorrect credentials being supplied while connecting to the database.
-
Provisioning issues can be related to specific known issues of the target databases. For example, in Oracle database, GLOBAL_AQ_USER_ROLE cannot be assigned to a user object type.
For more information on known issues specific to the target databases, refer the One Identity Manager Release Notes for Database Systems Integration Module.