EmpowerID Microsoft SQL connector allows organizations to bring the user data (user accounts, profiles and roles) in their SQL server to EmpowerID, where it can be managed and synchronized with data in any connected back-end user directories. When EmpowerID inventories SQL server, it creates an account in the EmpowerID Identity Warehouse for each SQL user, a group for each SQL profile, and an EmpowerID Business Role for each SQL role. Once connected, you can manage this data from EmpowerID in the following ways:
Provision new users
Edit user attributes
Create a Microsoft SQL account store in EmpowerID
On the navbar, expand Admin > Applications and Directories and then click Account Stores and Systems.
On the Account Stores page, click Create Account Store.
Under System Types, search for SQL.
Click Microsoft Sql Server to select the type and then click Submit.
On the Create MSSql Connector Settings page that appears, fill in the following information:
Name — Enter a name for the account store
User Name — Enter the user name of the SQL Server Administrator
Password — Enter the password for the SQL Server Administrator
Server — Enter the FQDN or IP address of the SQL Server
Is Remote (Requires Cloud Gateway) — This setting appears for account stores with local directories, such as Active Directory, LDAP, SAP, etc. When enabled, this tells EmpowerID to use the Cloud Gateway Connection for that account store. The Cloud Gateway Connection must be installed on an on-premise machine. For installation information, please see Installing the EmpowerID Cloud Gateway Client.
When ready click Submit to create the account store.
EmpowerID creates the account store and the associated resource system. The next step is to configure the attribute flow between the account store and EmpowerID.
Now that the attribute flow has been set, the next steps include configuring the account store and enabling EmpowerID to inventory it.
Configure account store settings
On the Account Store and Resource System page, click the Account Store tab and then click the pencil icon to put the account store in edit mode.
This opens the edit page for the account store. This page allows you to specify the account proxy used to connect EmpowerID to your SQL server as well as how you want EmpowerID to handle the user information it discovers there during inventory. Settings that can be edited are described in the table below the image.
Edit the account store as needed and then click Save to save your changes.
Next, enable the Account Inbox permanent workflow to allow the Account Inbox to provision or join the user accounts in Oracle to EmpowerID Persons as demonstrated below.
EmpowerID recommends using the Account Inbox for provisioning and joining.