How to configure Release Automation to use Windows Active Directory Authentication instead of SQL Authentication with MS SQL Server?

Document ID : KB000045946
Last Modified Date : 14/02/2018
Show Technical Document Details

Introduction: 

How to configure Release Automation to use Windows Authentication instead of SQL Authentication with MS SQL Server?

 

Background:  

The Management Server and the Database Server are on two different computers in an Active Directory Domain.

SQL based accounts are restricted in the environment and cannot be used for authentication across servers. Is there a way to install Release Automation and use Windows Active Directory Authentication instead of using SQL Server Authentication?

 

Environment:  

Release Automation version - 6.2

 

Instructions: 

To use Windows Active Directory Authentication, you will need to create the ‘nolio_db’ database manually before installing the Management Server. Please follow the instructions below for the same:

1. Create the database manually as per the following link:

https://docops.ca.com/ca-release-automation/6-2/en/installation/set-up-the-database

Note: You need to add the Active Directory Domain User account to database security with 'dbowner' user mapping on the 'nolio_db' database in Step 6 outlined in the link.

 

2. Install the Management server as per the following link. Choose ‘Custom Installation’ and select the ‘Management Server’ and 'Skip Database Configuration' options.

https://docops.ca.com/ca-release-automation/6-2/en/installation/install-for-a-distributed-environment#InstallforaDistributedEnvironment-ManuallyConfigureCommunicationwiththeDatabase

 

a)   Locate RA_HOME/webapps/datamanagement/WEB-INF/distributed.properties, and update the Database Props section with the appropriate values, but leave the username and password fields blank.

Example: For Windows authentication the settings should be as follows: 

distributed.properties

# Database props

data.management.database.host = TESTDBSERVER

data.management.database.port = 1433

data.management.database.name = nolio_db

data.management.database.user =

# The DB password shall be encrypted. Please use the encrypt_password.bat/sh utility to encrypt the password.

data.management.database.pwd =

data.management.database.create = false

Note: If the database is installed on a named instance then use <DBServerName\\Instance name>.

Example: data.management.database.host = TESTDBSERVER\\INST1 (A double backslash is required to specify the instance)

 

b)   Locate RA_HOME/webapps/datamanagement/WEB-INF/database.properties. Comment MySQL settings and uncomment MS SQL Server settings.

 

c)    Change the ‘database.jdbc.url’ value in database.properties as below:

 FROM

'database.jdbc.url = jdbc:sqlserver://${data.management.database.host};databaseName=${data.management.database.name}'

 TO

'database.jdbc.url = jdbc:sqlserver://${data.management.database.host};databaseName=${data.management.database.name};integratedSecurity=true'

 

4. Change the CA Release Automation Server Service to run with the Domain User account that you created with dbowner user mapping.

 

5. Start the CA Release Automation Server Service.