Objective   

Prerequisites   

• Ensure you have SQL Server 2012, 2014, 2016, 2017, 2019, or 2022.

• Copy the following files from the SQL Server installation directory to the ADSelfService Plus installation directory to enable bulk data modifications:

• For SQL Server 2014 and above: Install the appropriate Microsoft Open Database Connectivity Driver for SQL Server on the machine where ADSelfService Plus is installed.
• For SQL Server 2012: Install SQL Server Native Client.

• Ensure the SQL Server Browser service is running on the database server.
• Verify that TCP/IP and Named Pipes are enabled for your SQL Server instance.

• Ensure you have administrator rights on the ADSelfService Plus server.
• Ensure the user account used for the configuration has sysadmin and db_owner roles in the SQL Server instance.

Steps to configure SQL Server as the back-end database   

1. Navigate to the ADSelfService Plus installation directory: <ADSelfService_Plus_installation_directory>\bin\
2. Right-click ChangeDB.bat and select Run as administrator.
3. A Command Prompt window will appear:
• For a fresh installation (no data to migrate), execute ChangeDB.bat.
• To migrate existing data from PostgreSQL, execute ChangeDB.bat true.

1. In the Database Setup Wizard that appears, select MSSQL Server from the Server Type drop-down.
2. Enter the Host Name of the server where your SQL Server instance resides.
3. The wizard will automatically detect the Port and Available MSSQL Server Instances. Select the correct SQL Server instance from the list.
4. Enter a unique Database Name for ADSelfService Plus (for example, ADSelfServiceDB).

• Windows Authentication
• This method uses the credentials of a Windows service account.
• Provide the Domain Name, User Name, and Password of an account that has the required permissions on the SQL server.

Note: This is only supported when the ADSelfService Plus server and the SQL server are in the same domain. 

• SQL Server Authentication

• This method uses a dedicated SQL Server login.
• Provide the User Name and Password of the SQL Server account.

1. Click Test to verify that ADSelfService Plus can successfully connect to the database with the provided credentials.
2. If the test fails, review all the previous steps, paying close attention to the firewall rules, user permissions, and credential accuracy.
3. Once the test is successful, click Save.

Validation and confirmation   

1. To confirm the configuration, restart the ADSelfService Plus service.
2. You can verify that the database is connected in one of the following ways:
• Check the file database_params.conf in the <ADSelfService Plus installation directory>\conf folder. The drivername attribute will display the value.
• Navigate to the Support tab. Click More in the top-right corner. Under Environment Details, view the database details.

Best practices   

• Use a service account: For enhanced security, use a dedicated service account that follows the principle of least privilege for the database connection instead of a general administrator account.
• Back up the ADSelfService Plus configuration: Before initiating the database change, it is highly recommended to make a full backup of the existing ADSelfService Plus configuration by running the backupDB.bat script located in the <ADSelfService_Plus_installation_directory>\bin\ folder. A folder-level backup is also recommended.
• Secure the connection: For production environments, consider encrypting the connection between ADSelfService Plus and the SQL server using SSL to protect data in transit.
  

How to reach support