Support login to SAMStore via Active Directory Accounts

Idea created by ReWi on Nov 11, 2015
    Wish-Listed
    Score13

    ## What is the use case of the new feature?

    ----------------------------------------

    Support the log in to the SOI Database via Active Directory account.

     

     

    ## Describe the new feature in detail

    ----------------------------------

    Related to a scenario that occurred for one of our customer, a safety improvement will be gained by adding this new feature.

     

    This is due to the fact, that each password of any configured SQL User is visible on a database instance (encrypted).

    By using an AD-Account for the log in, an encrypted passwords will not be stored on the SQL server for this user.

     

    As this is currently not possible the installation of the SOI database had to be performed under a 'Contained database', so that the passwords of any SQL User configured on the server are not visible for any other user.

     

    Unfortunately the installation of the SOI database using a 'Contained Database' will cause some further problems, that take quite some time until they are resolved and the installation can continue.

    ( See also another idea, which is created to get official support for 'Contained Databases' within the SOI installation. -> https://communities.ca.com/ideas/235726864 )

     

     

    To avoid this situation and any extra effort (like adding / deleting a user for login to the SQL Server) provide an opportunity to install the SOI Database with an Active Directory user.

     

     

    ## Describe how you envision this new feature being implemented.

    -------------------------------------------------------------

    Create a command prompt whenever the SOI installation reaches the point, where the SAMStore database should be created.

    Within this prompt it will be useful to decide, if the installation should proceed using the conventional user or another user for whom the credentials needs to be entered.

     

     

    ## What business problem will be solved by adding this new feature?

    ----------------------------------------------------------------

    By adding this functionality it will not be necessary to perform any actions in advance of the SOI installation.

    Moreover it will ensure, that the safety guidelines of a customer will be fulfilled and no further special solutions are necessary.