Previous Topic: IBM OS/400 Connection InformationNext Topic: Oracle Server Connection Information

Enterprise Administration GuideImplementing Shared AccountsSAM Endpoint and Shared Account CreationCreate an EndpointMS SQL Server Connection Information

MS SQL Server Connection Information

The MS SQL Server endpoint type lets you manage privileged Microsoft SQL Server accounts.

The administrative user that you specify for an MS SQL Server endpoint must:

Note: A user with the securityadmin server role cannot modify serveradmin and sysadmin server roles.

When you create endpoints of this type, provide the following information so that CA ControlMinder Enterprise Management can connect to the endpoint:

User Login

Defines the name of an administrative user of the endpoint. SAM uses this account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords.

Note the following points:

If you specify the Advanced option, SAM does not use the User Login account to perform administrative tasks. Instead, SAM uses the specified privileged account to perform administrative tasks on the endpoint.

Password

Defines the password of the administrative user of the endpoint.

URL

Defines the URL that CA ControlMinder Enterprise Management can use to connect to the endpoint. The URL specifies a particular type of database server.

Format: jdbc:sqlserver://servername:port

Example: jdbc:sqlserver://localhost:1433

Note: For more information on the format of the URL, see your endpoint documentation.

Host

Defines the host name of the endpoint.

Note: If CA ControlMinder is installed on the endpoint, we recommend that you specify the CA ControlMinder host name for this attribute. You can use World View to view the CA ControlMinder host name of the endpoint.

Port

(Optional) Specifies the server listening port number. The port number that you specify must match the port number that you specify in the URL.

Example: 1433

Instance Name

(Optional) Specifies the database instance name.

Advanced

Specifies whether you want to use a privileged administrative account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords. For example, you can specify a privileged domain account that can perform administrative tasks on multiple endpoints.

If you specify this option, SAM does not use the User Login account to perform administrative tasks.

Disable Exclusive Sessions

Specifies whether to disable the exclusive sessions check on this endpoint. When selected, SAM does not check for open sessions on the endpoint.

Deny Exclusive Break-Glass

Specifies to block break-glass check-out action on exclusive accounts.