Active Directory authentication

• Linux

This article provides an overview of Active Directory authentication for SQL Server on Linux.

Active Directory authentication is also known as Integrated authentication in SQL Server.

Active Directory authentication enables domain-joined clients on either Windows or Linux to

authenticate to SQL Server using their domain credentials and the Kerberos protocol.

Active Directory Authentication has the following advantages over SQL Server Authentication:

Users authenticate via single sign-on, without being prompted for a password.

By creating logins for Active Directory groups, you can manage access and permissions in

using Active Directory group memberships.

Each user has a single identity across your organization, so you don’t have to keep track

of which SQL Server logins correspond to which people.

Active Directory enables you to enforce a centralized password policy across your

organization.

In order to use Active Directory authentication, you must have an Active Directory Domain

Controller (Windows) on your network.

The details for how to configure Active Directory authentication are provided in the tutorial,

Tutorial: Use Active Directory authentication with SQL Server on Linux. The following list

provides a summary with a link to each section in the tutorial:

Join SQL Server on a Linux host to an Active Directory domain.

Create an Active Directory user for SQL Server and set the Service Principal Name.

Configure the SQL Server service keytab.

Secure the keytab file.

Configure SQL Server to use the keytab file for Kerberos authentication.

Create Active Directory-based SQL Server logins in Transact-SQL.

Connect to SQL Server using Active Directory authentication.