Create a Microsoft SQL Server Java Database Connectivity (JDBC)-connected datastore in PingFederate and configure it for Windows authentication.
If your organization primarily uses a Microsoft Windows platform, you can have your PingFederate nodes on Windows servers, and you can use Microsoft SQL Server for your databases. One example use case for this type of datastore is storing OAuth grants in a clustered environment.
High availability requirements for this database should follow your organization’s procedures and are outside the scope of this document. Any database maintenance tasks are also not addressed in this document.
Component
PingFederate 9.3 or later
Before you begin
You must have:
- An SQL Server on the network, accessible from the PingFederate nodes on its assigned port
Note: Port 1433 is the default port for SQL Server. You can test connectivity to the server:port with the telnet command line utility.
- Access to a database on the server with the correct tables
Work with the database administrator to determine an appropriate name for your database, such as “PingFederate”.
Note: For storing OAuth grants, you can find the table creation scripts (access-grant-sqlserver.sql and access-grant-attribute-sqlserver.sql) in <pf_install>/pingfederate/server/default/conf/access-grant/sql-scripts.
- A user account in the Active Directory (AD) domain you can use as a service account
It does not need any special domain privileges, but it receives local permissions on your PingFederate nodes.
Work with your database administrators to ensure the AD user account has permissions to access and write to the database.
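
The first two prerequisites can be checked from a PingFederate node with the following PowerShell function, which is an added example and not part of the original documentation. The function name, the host name and the install path are hypothetical placeholders. It tests the server:port connection with a timeout (useful where the Telnet client feature is not enabled) and confirms that the two OAuth grant table scripts are present.

```powershell
# Added example: pre-flight check for the prerequisites listed above.
# Function name, host name and install path are assumptions; replace them.
function Test-PfSqlPrerequisite {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $SqlHost,
        [int] $Port = 1433,                      # default SQL Server port
        [Parameter(Mandatory)] [string] $PfInstall,
        [int] $TimeoutMs = 3000
    )

    # 1. TCP reachability of server:port (the same check telnet performs).
    $client = New-Object System.Net.Sockets.TcpClient
    $reachable = $false
    try {
        $task = $client.ConnectAsync($SqlHost, $Port)
        # Wait() returns $false on timeout and throws if the connect failed.
        $reachable = $task.Wait($TimeoutMs) -and $client.Connected
    } catch {
        $reachable = $false                      # refused, DNS failure, etc.
    } finally {
        $client.Close()
    }

    # 2. Table creation scripts for OAuth grants under <pf_install>.
    $scriptDir = Join-Path $PfInstall 'pingfederate\server\default\conf\access-grant\sql-scripts'
    $scripts = 'access-grant-sqlserver.sql', 'access-grant-attribute-sqlserver.sql'
    $missing = @($scripts | Where-Object {
        -not (Test-Path -PathType Leaf (Join-Path $scriptDir $_))
    })

    [pscustomobject]@{
        Target          = "${SqlHost}:$Port"
        TcpReachable    = $reachable
        ScriptDirectory = $scriptDir
        MissingScripts  = $missing
        # Account this check ran as; compare it with the intended service account.
        RunningAs       = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
    }
}

# Constructed sample values, not taken from the documentation.
Test-PfSqlPrerequisite -SqlHost 'sql01.example.com' -PfInstall 'C:\pf'
```

A `TcpReachable` value of `True` only shows that the port accepts connections; it does not confirm that the service account has permissions on the database.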