| title | Active Directory authentication for SQL Server on Linux | Microsoft Docs | |
|---|---|---|
| description | This article provides an overview of Active Directory Authentication for SQL Server on Linux. | |
| author | rothja | |
| ms.date | 02/23/2018 | |
| ms.author | jroth | |
| manager | craigg | |
| ms.topic | article | |
| ms.prod | sql | |
| ms.component | ||
| ms.suite | sql | |
| ms.custom | sql-linux | |
| ms.technology | linux | |
| helpviewer_keywords |
|
[!INCLUDEappliesto-ss-xxxx-xxxx-xxx-md-linuxonly]
This article provides an overview of Active Directory (AD) authentication for [!INCLUDEssNoVersion] on Linux. AD authentication is also known as Integrated authentication in [!INCLUDEssNoVersion].
AD authentication enables domain-joined clients on either Windows or Linux to authenticate to [!INCLUDEssNoVersion] using their domain credentials and the Kerberos protocol.
AD Authentication has the following advantages over [!INCLUDEssNoVersion] Authentication:
- Users authenticate via single sign-on, without being prompted for a password.
- By creating logins for AD groups, you can manage access and permissions in [!INCLUDEssNoVersion] using AD group memberships.
- Each user has a single identity across your organization, so you don’t have to keep track of which [!INCLUDEssNoVersion] logins correspond to which people.
- AD enables you to enforce a centralized password policy across your organization.
In order to use Active Directory authentication, you must have an AD Domain Controller (Windows) on your network.
The details for how to configure AD authentication are provided in the tutorial, Tutorial: Use Active Directory authentication with SQL Server on Linux. The following list provides a summary with a link to each section in the tutorial:
- Join a SQL Server host to an Active Directory domain.
- Create an AD user for SQL Server and set the ServicePrincipalName.
- Configure the SQL Server service keytab.
- Create AD-based SQL Server logins in Transact-SQL.
- Connect to SQL Server using AD authentication.
- At this time, the only authentication method supported for database mirroring endpoint is CERTIFICATE. WINDOWS authentication method will be enabled in a future release.
- Third-party AD tools like Centrify, Powerbroker, and Vintela are not supported.
For more information on how to implement Active Directory authentication for SQL Server on Linux, see Tutorial: Use Active Directory authentication with SQL Server on Linux.