(PE-16132) Add Windows Based Authentication for sqlserver::config #174
Conversation
|
Verified that this worked by installing a new single SQL server installation, and ran the following code: This executed without an error code. I then verified the user account was given sysadmin access. |
|
👍 |
| admin_user = config[:admin_user] || '' | ||
| admin_pass = config[:admin_pass] || '' | ||
|
|
||
| if (config[:login_type] == 'WINDOWS_LOGIN') |
There was a problem hiding this comment.
Shouldn't WINDOWS_LOGIN be mentioned in the README?
Ohh, weird - it is already? But it just wasn't effective?
There was a problem hiding this comment.
Actually, that is a good point. Initially I did not include that in sqlserver::config and didn't connect that I needed that there
There was a problem hiding this comment.
Yeah, so it looks like login_type is mentioned for sqlserver::login (which is a different thing), but not for sqlserver::config
There was a problem hiding this comment.
It appears I forgot to add that to the README.
There was a problem hiding this comment.
If you feel that it's confusing to have the same parameter name, perhaps I should use admin_login_type in the sql::config class?
There was a problem hiding this comment.
I'm not confused, but I think users might be now that you mention it. The intent is different between the two, mostly because login uses it as a property... whereas for config its more used as a parameter.
There was a problem hiding this comment.
Done.
Renamed the login_type property to admin_login_type
Updated the readme.
Previously to use classes such as sqlserver::login, it would use the sqlserver::config resource which would contain the credentials to conect to the database. However this resource could only authenticate using SQL Server based authenctiation. This means that databases that only used Windows based authentication could not be managed. This commit modifies the sqlserver::config class with an additional property called login_type which can be either SQL_LOGIN or WINDOWS_LOGIN, with a default of SQL_LOGIN. The login type also determines the validity of the admin_user and admin_pass properties. The config resource properties are consumed by the get_connection_string method in sql_connection. The login_type property then determines whether 'Integrated Security=SSPI' is appended the connection string for connecting to the database. Additional the spec, define and acceptance tests are modified for the new properties and default values.
Previously to use classes such as sqlserver::login, it would use the
sqlserver::config resource which would contain the credentials to conect to the
database. However this resource could only authenticate using SQL Server based
authenctiation. This means that databases that only used Windows based
authentication could not be managed.
This commit modifies the sqlserver::config class with an additional property
called login_type which can be either SQL_LOGIN or WINDOWS_LOGIN, with a default
of SQL_LOGIN. The login type also determines the validity of the admin_user and
admin_pass properties.
The config resource properties are consumed by the get_connection_string method
in sql_connection. The login_type property then determines whether
'Integrated Security=SSPI' is appended the connection string for connecting to
the database.
Additionally the spec and define tests are modified for the new properties and
default values.