MSSQL SSO Server (Legacy)
Discover how Pleasant Password Server will enhance KeePass for business
(Versions 7.5.2+, Enterprise+SSO)
NOTE: MSSSQL SSO Server is now a legacy module which is no longer supported.
It allows users to access SQL Server databases through SQL Server Management Studio without the password ever being on their machine.
This page describes the steps needed to use the MSSQL SSO functionality of Pleasant Password Server.
For this example scenario, we connect to:
- a server called srvmssql running Microsoft SQL Server (MSSQL)
- on port 2212
- with username/password: dbadmin/dbpass
Creating a MSSQL Entry
The first step is to add the entry to Pleasant Password Server. To do this:
- Login to the Password Server Web Client using your username/password (eg. admin/admin123)
- Navigate to the Home tab > Click on a folder > Select the Add Entry button and enter values
- Title: (e.g. MSSQL Server 1)
- Username: (e.g. dbadmin)
- Password: (e.g. dbpass)
- Url: (e.g. srvmssql,2212)
- Format is: hostname,portnumber OR IP,portnumber
- Default portnumber: is 1433
- Click Add
- Right-click on the new entry, select SSO and enter a unique value in the field:
- Unique Identifier: (e.g. abc)
Enabling MSSQL SSO
The next step is to make sure the MSSQL SSO server is turned on. The first time you enable MSSQL SSO, you will want to do so while browsing from your Password Server Host machine.
To start the SSO:
- Navigate to the SSO Server tab > SSO Server Status window
- Set the MSSQL SSO Server toggle to ON (if it is not on yet)
- The Password Server host machine may popup requesting firewall access
- Grant the MSSQL SSO server access to listen on port 3333
Connecting to MSSQL SSO
The final step is to use the MSSQL SSO server in an application that connects to MSSQL. The following steps explain how to do this for the SQL Server Management Studio (SSMS).
- First, open up SSMS, and enter these values:
Server Name and Port: (e.g. localhost,3333)
- Format is: hostname,portnumber OR IP,portnumber
- This is from the SSO Settings page
- Login: (e.g. admin:abc)
- Format is: username:UniqueIdentifer
- Password: (e.g. admin123)
- This is the user's password (e.g. not the MSSQL Entry password)
- Connection Time-Out
- Click the Options button (or Connection Properties tab) and increase the Connection time-out field to 60 seconds.
- Note: this allows more time for the initial connection, to prevent early time-outs, and can be decreased in the future.
- Note: this allows more time for the initial connection, to prevent early time-outs, and can be decreased in the future.
- Click the Options button (or Connection Properties tab) and increase the Connection time-out field to 60 seconds.
- Press Connect! You should successfully be connected to your MSSQL instance.
Troubleshooting
- Check that the PassMan.Proxy.MsSql is running
- Check increased logs (follow the same steps for RDP, SSO logging)
- Check for Event log errors: EventViewer > Windows Logs > Application
- Ensure you are logging into the Password Server host and using your own login password