Contents
Windows Authentication with MS SQL Server for Framework Applications
Windows Authentication provides a more secure way for an Application to access an MS SQL database without storing the database password in the Genesys configuration.
Full details about how to enable Windows Authentication with MS SQL Server are described in the "Microsoft SQL Server Databases" section of the Framework Database Connectivity Guide.
This topic describes how to enable and configure Framework Applications to use Windows Authentication with MS SQL Server.
Prerequisites
Before you can configure individual applications to use Windows Authentication, you must first create Windows processes on the MS SQL Server for each component that will be accessing the database. Specifically, you need to create a Windows process for the following components in the scenarios that applies to your configuration:
- Configuration Server with a direct connection to the Configuration Database—None
- Configuration Server with an indirect connection to the Configuration Database—DB Server 8.1.3
- Message Server with a direct connection to the Log Database—Message Server
- Message Server with an indirect connection to the Log Database—DB Server 8.1.3
Follow the instructions here to configure the Windows processes required.
Configuring Applications to use Windows Authentication when Accessing MS SQL Server
How you configure a Framework Application to use Windows Authentication depends on how it accesses its database, that is, whether it uses DB Server or not. These scenarios are described below.
Configuration Server
Using DB Server
If Configuration Server is using DB Server, you must:
- Set up a Windows process on MS SQL Server for DB Server, as described here.
- In Configuration Server, configure the options that describe the Configuration Database and set dbthread=false in the configuration file confserv.cfg, as shown in the example below.
Using a DSN named "sqldsn", the entries would look something like this:
...
[confserv]
...
dbthread=false
...
[dbserver]
host=<name of host on which DB Server is running>
port =<host port through which to communicate with DB Server>
dbengine=mssql
dbserver=dsn
dbname=sqldsn
username=<this field can be filled with a dummy username>
password=<this field can be left empty or filled with a dummy password>
...Not Using DB Server
If Configuration Server is not using DB Server, you must set dbthread=true and the options that describe the Configuration Database in the configuration file confserv.cfg, as shown in the example below.
Using a DSN named "sqldsn", the entries would look something like this:
...
[confserv]
...
dbthread=true
...
[dbserver]
host=<name of host on which DBMS is running>
port =<host port through which to communicate with the DBMS>
dbengine=mssql
dbserver=dsn
dbname=sqldsn
username=<this field can be filled with a dummy username>
password=<this field can be left empty or filled with a dummy password>
...Message Server
If Message Server is using DB Server, you must set dbthread=false in the [messages] section of the Message Server Application object. Configure a DAP in which DB Server is set. DB Server must be using DB Client 8.5.1 or higher. You must also configure a Windows process for DB Server, as described here.
If Message Server is accessing the Log Database directly (without DB Server), you must still configure a DAP but it will not point to DB Server. Set dbthread=true in the [messages] section of the Message Server Application object. You must also set up a Windows process for Message Server, as described here.
In both cases, set the Username field to a dummy username.