Wanted to know what Connection String we should be using to connect to Microsoft SQL Server from an Octopus Linux container? We want to use Windows Authentication instead of SQL Authentication i.e. use a Domain user instead of a SQL user. Note: we have added Kerberos to our Octopus container.
For example, with any one of these Connection Strings:
The provided connection string is not valid: The connection string is configured to use Integrated Security. Integrated Security is not supported in non Windows OS.. Use the 'Octopus.Server.exe database --connectionString' command to configure your connection string.
Hi Chris,
Thanks for reaching out with this container query.
I will answer your query here and close off the duplicate from our Zendesk side.
First off I will say that we don’t directly support standard AD in our Linux containers. The auth matrix is here for our external providers:
In this instance we recommend LDAP as an alternate auth mechanism and there are a few changes required to make that work for you. Your next step would be to check out the detailed LDAP setup page: LDAP Authentication - Octopus Deploy
Depending on your current setup this may take some time to work through. At this point it might be good to check out this topic in our docs which has a lot of lower level detail and scripts which help out those with more complex AD environments:
Since there is a lot of information here can I leave this with you to check out and see if its the right approach for you?
Let me know if you need help getting the final configuration working. This is a slightly more complex way of getting Linux and AD working but should work out for most customers needing this functionality.
Thank you for your follow up question, I think Pariac may have missed you wanted to use Windows auth to connect to the Octopus DB in the connection string in a Linux container.
Unfortunately this is not officially supported and all of our users that host Octopus on a Linux container will use SQL Auth in their connection string so the username/pw for the SQL DB account that has rights to the Octopus DB is inserted into the string.
We did find this article on connecting to Sql Server From Linux Using Windows Authentication (the section you would need is half way down titled - Connect To Sql Server From Linux Using Windows Authentication). However, from skim reading it it does seem like that is more connecting directly through software such as SSMS so I do not know whether this will work in a connection string. Since it is not supported by us our recommendation would be to use SQL Auth and set your connection string similar to the one below:
If you have not seen our documentation on hosting Octopus in a Linux container I have linked that just in case you have not seen it. I am not sure whether you are hosting Octopus using Docker or Kubernetes so did not want to assume the string you will need to use.
I am sorry that is not the news you wanted to hear, you can give that article a go but since we dont support the use of Windows Auth in connection strings for a Linux container we cant say whether it will work or not. Our documentation should take you through how to connect to the Octopus DB from the Linux container depending on how you are hosting your container.