Now that the initial steps are complete, you must re-edit the odbc.ini file, and begin that next set of steps:
- Update the previous entry that you made to the odbc.ini file with the following changes:
[TESTDB]
Driver=/opt/mqsi/ODBC/V7.1/lib/UKsqls27.so
Description=DataDirect 7.1 ODBC SQL Server Wire Protocol
Address=sqlserver.domain.company.com,1433
AnsiNPW=Yes
Database=TESTDB
QuotedId=No
ColumnSizeAsCharacter=1
LoginTimeout=0
AuthenticationMethod=4
GSSClient=libgssapi_krb5.so
In this example:
- TESTDB is the name of a database.
- sqlserver.domain.company.com,1433
- libgssapi_krb5.so is an existing kerberos implementation on the system that is present and available through the library path.
- If you have not already set the SPN directory, then run the setspn command on the Active Directory server, for example:
setspn /S MSSQLSvc/sqlserver.domain.company.com:1433 DOMAIN\SQLSERVER$
Where sqlserver.domain.company.com:1433 is the address and port of your SQL server.
- Open SQL Server Management Studio, and grant SQL Server login permission to the domain user on the server and on the database that you specified in the odbc.ini file in a previous step.
- Run the following commands in a broker console:
mqsisetdbparms KERB -n dsn::TESTDB -u kerberos::username@sqlserver.domain.company.com -p N0chang3
mqsisetdbparms KERB -n odbc::TESTDB -u kerberos::username@sqlserver.domain.company.com -p N0chang3
mqsichangeproperties IIBNODE9 -e default -o ComIbmJVMMangaer -n kerberosConfigFile -v /etc/krb.conf
Where username is the domain user, and sqlserver.domain.company.com is the address of your SQL server.
- Run the flow from Configuring IBM Integration Bus to connect to SQL server: Part 1 again. The broker now connects to SQL Server using the Kerberos ticket.
Now that these steps are complete, you must continue to the next task as an administrator on your SQL Server machine.