MSSQL: Add Windows AD/Kerberos auth (#84742)

* mssql: Add Kerberos/Windows AD auth

* need username for cache file

* account for no port in cc file

* add tests around constring

* remove un-needed port

* add docs

* remove comments

* move defer to same locale as where it begins

* fix linting and spelling

* fix gosec linter

* note lack of grafana cloud support
Adam Simpson
2024-03-20 10:41:57 -04:00
committed by GitHub
parent 04c9f459ec
commit 311aa94fab
10 changed files with 571 additions and 17 deletions

@@ -28,18 +28,60 @@ If you are on a Windows host but want to use Grafana and MS SQL data source on a
#### Add the MS SQL data source
There are several ways to authenticate in MSSQL. Start by:
1. Click **Connections** in the left-side menu and filter by `mssql`.
1. Select the **Microsoft SQL Server** option.
1. Click **Create a Microsoft SQL Server data source** in the top right corner to open the configuration page.
1. Enter the information specified in the table below, then click **Save & test**.
1. Select the desired authentication method and fill in the right information as detailed below.
1. Click **Save & test**.
##### General configuration
| Name | Description |
| ---------- | --------------------------------------------------------------------------------------------------------------------- |
| `Name` | The data source name. This is how you refer to the data source in panels and queries. |
| `Host` | The IP address/hostname and optional port of your MS SQL instance. If port is omitted, the default 1433 will be used. |
| `Database` | Name of your MS SQL database. |
| `User` | Database user's login/username. |
| `Password` | Database user's password. |
##### SQL Server Authentication
| Name | Description |
| ---------- | ------------------------------- |
| `User` | Database user's login/username. |
| `Password` | Database user's password. |
##### Windows Active Directory (Kerberos)
Below are the four possible ways to authenticate via Windows Active Directory/Kerberos.
{{< admonition type="note" >}}
Windows Active Directory (Kerberos) authentication is not supported in Grafana Cloud at the moment.
{{< /admonition >}}
| Method | Description |
| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------ |
| **Username + password** | Enter the domain user and password |
| **Keytab file** | Specify the path to a valid keytab file to use that for authentication. |
| **Credential cache** | Log in on the host via `kinit` and pass the path to the credential cache. The cache path can be found by running `klist` on the host in question. |
| **Credential cache file** | This option allows multiple valid configurations to be present and matching is performed on host, database, and user. See the example JSON below this table. |
```json
[
{
"user": "grot@GF.LAB",
"database": "dbone",
"address": "mysql1.mydomain.com:3306",
"credentialCache": "/tmp/krb5cc_1000"
},
{
"user": "grot@GF.LAB",
"database": "dbtwo",
"address": "mysql2.gf.lab",
"credentialCache": "/tmp/krb5cc_1000"
}
]
```
For installations from the [grafana/grafana](https://github.com/grafana/grafana/tree/main) repository, `gdev-mssql` data source is available. Once you add this data source, you can use the `Datasource tests - MSSQL` dashboard with three panels showing metrics generated from a test database.
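Review bot: The credential cache file JSON example uses `mysql1.mydomain.com:3306` and `mysql2.gf.lab` as `address` values, which are MySQL-style hostnames and the MySQL default port, while the `Host` row above gives 1433 as the MS SQL default. Suggest `mssql1.mydomain.com:1433` and `mssql2.gf.lab`, plus a sentence saying how an entry with no port (as in the second object) is matched against the data source host. The table also does not say where the path to this JSON file is entered, which the "See the example JSON below" pointer leaves open. Separately, the keytab and credential cache rows could note that these files hold usable Kerberos credentials and should be readable only by the account that runs Grafana; the example path `/tmp/krb5cc_1000` sits in a shared directory, so a word on file permissions would help.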