Supportability > Supported Protocols > Generic DB (SQL) Protocol

Generic DB Protocol (SQL)

Parameter

Description

Database Type

The database type. Select the appropriate type from the box.

The following database types are supported:

  • DB2

  • Microsoft SQL Server

  • Microsoft SQL Server (NTLM)

  • Microsoft SQL Server (NTLM v2)

  • MySQL

  • Oracle

  • Sybase

  • PostgreSQL
  • SAP HANA Database
  • SAP MaxDB
Port Number

The port number on which the database server listens.

  • If you enter a port number, DFM tries to connect to a SQL database using this port number.

  • For an Oracle database: If there are many Oracle databases in the environment and you do not want to have to create a new credential for each separate database port, you leave the Port Number field empty. When accessing an Oracle database, DFM refers to the portNumberToPortName.xml file and retrieves the correct port number for each specific Oracle database port.

Note You can leave the port number empty on condition that:

  • All Oracle database instances are added to the portNumberToPortName.xml file. For details, see portNumberToPortName.xml File.

  • The same user name and password is needed to access all Oracle database instances.

Connection Timeout

Time-out in milliseconds after which the Probe stops trying to connect to the database.

Username

The name of the user needed to connect to the database.

Password

The password of the user needed to connect to the database.

Instance Name

The name of the database instance, that is, the Oracle system identification or the DB2 database name. When connecting to any database, you can leave this field empty. In this case, DFM takes the SID from the Triggered CI data value: ${DB.name:NA}.

Encryption Method
  • None. No encryption method will be used.
  • SSL. For Oracle and SAP HANA database only.
Trust Store File Path

Enter the full path to the SSL trust store file.

To use the trust store file, do one of the following:

  • Enter the name (including the extension) and place the file in the following resources folder: C:\hp\UCMDB\DataFlowProbe\runtime\probeManager\discoveryResources\

  • Insert the trust store file full path.

Trust Store Password

The SSL trust store password.

Note This protocol supports IPv6.

If you want to use certificate-based authentication, right-click the entry for the credential, select the Edit using previous interface option, and then configure the following settings:

Parameter

Description

Key Store File

Specify the full path to the Java SSL KeyStore.

Key Store Format Type Select the KeyStore format type.
Key Store Password Specify the KeyStore password.
Oracle Authentication Services

Enable or disable SSL as an Oracle authentication service.

  • None: Disable
  • TCPS: Enable
Trust Store Format Type Specify the TrustStore format type.
Validate Certificate

Only for SAP HANA database. Indicates whether to validate the HANA database server’s certificate.

Default: false

Note (For Oracle Database Server Discovery only) If the setting in Key Store Format Type or Trust Store Format Type is not JKS, the following jar files of Oracle public key infrastructure (PKI) need be manually copied to the %DataFlowProbe%\content\lib folder:

  • oraclepki.jar
  • osdt_cert.jar
  • osdt_core.jar

Note When the CyberArk integration is enabled, two radio buttons (Regular Credential and External Vault) are enabled. The existing Username and Password parameters are grouped under the Regular Credential radio button, and CyberArk integration specific parameters Type and Reference are enabled and grouped under the External Vault radio button, as described in the table below.

CyberArk-related Parameters

Parameter

Description

Regular Credential

Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before.

  • Username. See description above.
  • Password. See description above.

External Vault

Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault.

  • Type. The external vault type. Currently only CyberArk is supported.
  • Reference. Click to open the Configure dialog box.

    • Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed.

      Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>.

      Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk.

      For example, NancySafe\Root\nancy-cyberark-testing-refid.

    • Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault.

      To configure a CyberArk property value, click in the Value column for the property, and specify the value in string.

      The CyberArk properties values must not contain any of the following characters: \/:*?"<>|'.;

      The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide.

      • Regex. Enables configuring CyberArk properties values in regular expressions.

        For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide.

        The CyberArk properties values in regular expression must not contain any of the following characters: : ;