Generic DB Protocol (SQL)

Search for	Example	Results
A single word	`cat`	Topics that contain the word "cat". You will also find its grammatical variations, such as "cats".
A phrase. You can specify that the search results contain a specific phrase.	`"cat food"` (quotation marks)	Topics that contain the literal phrase "cat food" and all its grammatical variations. Without the quotation marks, the query is equivalent to specifying an OR operator, which finds topics with one of the individual words instead of the phrase.

Search for	Operator	Example
Two or more words in the same topic	`AND` `and` `+` (plus symbol) `&` (ampersand)	`cat AND dog` `"cat food"+milk` `"cat food"&"dog food"`
Either word in a topic	`OR` `or` `\|` (pipe)	`cat OR dog` `cat \| dog`
Topics that do not contain a specific word or phrase	`NOT` `not` `!` (exclamation point)	`NOT cat` `! dog`
Topics that contain one string and do not contain another	`^` (caret)	`cat ^ mouse`
A combination of search types	`( )` parentheses	`cat + (dog \| mouse)` `cat \| dog + (! mouse)`

Parameter	Description
Database Type	The database type. Select the appropriate type from the box. The following database types are supported: DB2 Microsoft SQL Server Microsoft SQL Server (NTLM) Microsoft SQL Server (NTLM v2) MySQL Oracle Sybase PostgreSQL SAP HANA Database SAP MaxDB
Port Number	The port number on which the database server listens. If you enter a port number, DFM tries to connect to a SQL database using this port number. For an Oracle database: If there are many Oracle databases in the environment and you do not want to have to create a new credential for each separate database port, you leave the Port Number field empty. When accessing an Oracle database, DFM refers to the portNumberToPortName.xml file and retrieves the correct port number for each specific Oracle database port. Note You can leave the port number empty on condition that: All Oracle database instances are added to the portNumberToPortName.xml file. For details, see portNumberToPortName.xml File. The same user name and password is needed to access all Oracle database instances.
Connection Timeout	Time-out in milliseconds after which the Probe stops trying to connect to the database.
Username	The name of the user needed to connect to the database.
Password	The password of the user needed to connect to the database.
Instance Name	The name of the database instance, that is, the Oracle system identification or the DB2 database name. When connecting to any database, you can leave this field empty. In this case, DFM takes the SID from the Triggered CI data value: ${DB.name:NA}.
Encryption Method	None. No encryption method will be used. SSL. For Oracle and SAP HANA database only.
Trust Store File Path	Enter the full path to the SSL trust store file. To use the trust store file, do one of the following: Enter the name (including the extension) and place the file in the following resources folder: C:\hp\UCMDB\DataFlowProbe\runtime\probeManager\discoveryResources\ Insert the trust store file full path.
Trust Store Password	The SSL trust store password.

Parameter

Description

Database Type

The database type. Select the appropriate type from the box.

The following database types are supported:

DB2
Microsoft SQL Server
Microsoft SQL Server (NTLM)
Microsoft SQL Server (NTLM v2)
MySQL
Oracle
Sybase
PostgreSQL
SAP HANA Database
SAP MaxDB

Port Number

The port number on which the database server listens.

If you enter a port number, DFM tries to connect to a SQL database using this port number.
For an Oracle database: If there are many Oracle databases in the environment and you do not want to have to create a new credential for each separate database port, you leave the Port Number field empty. When accessing an Oracle database, DFM refers to the portNumberToPortName.xml file and retrieves the correct port number for each specific Oracle database port.

Note You can leave the port number empty on condition that:

All Oracle database instances are added to the portNumberToPortName.xml file. For details, see portNumberToPortName.xml File.
The same user name and password is needed to access all Oracle database instances.

Connection Timeout

Time-out in milliseconds after which the Probe stops trying to connect to the database.

Username

The name of the user needed to connect to the database.

Password

The password of the user needed to connect to the database.

Instance Name

The name of the database instance, that is, the Oracle system identification or the DB2 database name. When connecting to any database, you can leave this field empty. In this case, DFM takes the SID from the Triggered CI data value: ${DB.name:NA}.

Encryption Method

None. No encryption method will be used.
SSL. For Oracle and SAP HANA database only.

Trust Store File Path

Enter the full path to the SSL trust store file.

To use the trust store file, do one of the following:

Enter the name (including the extension) and place the file in the following resources folder: C:\hp\UCMDB\DataFlowProbe\runtime\probeManager\discoveryResources\
Insert the trust store file full path.

Trust Store Password

The SSL trust store password.

Note This protocol supports IPv6.

If you want to use certificate-based authentication, right-click the entry for the credential, select the Edit using previous interface option, and then configure the following settings:

Parameter	Description
Key Store File	Specify the full path to the Java SSL KeyStore.
Key Store Format Type	Select the KeyStore format type.
Key Store Password	Specify the KeyStore password.
Oracle Authentication Services	Enable or disable SSL as an Oracle authentication service. None: Disable TCPS: Enable
Trust Store Format Type	Specify the TrustStore format type.
Validate Certificate	Only for SAP HANA database. Indicates whether to validate the HANA database server’s certificate. Default: false

Parameter

Description

Key Store File

Specify the full path to the Java SSL KeyStore.

Key Store Format Type

Select the KeyStore format type.

Key Store Password

Specify the KeyStore password.

Oracle Authentication Services

Enable or disable SSL as an Oracle authentication service.

None: Disable
TCPS: Enable

Trust Store Format Type

Specify the TrustStore format type.

Validate Certificate

Only for SAP HANA database. Indicates whether to validate the HANA database server’s certificate.

Default: false

Note (For Oracle Database Server Discovery only) If the setting in Key Store Format Type or Trust Store Format Type is not JKS, the following jar files of Oracle public key infrastructure (PKI) need be manually copied to the %DataFlowProbe%\content\lib folder:

oraclepki.jar
osdt_cert.jar
osdt_core.jar

Note When the CyberArk integration is enabled, two radio buttons (Regular Credential and External Vault) are enabled. The existing Username and Password parameters are grouped under the Regular Credential radio button, and CyberArk integration specific parameters Type and Reference are enabled and grouped under the External Vault radio button, as described in the table below.

CyberArk-related Parameters
Parameter	Description
Regular Credential	Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before. Username. See description above. Password. See description above.
External Vault	Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault. Type. The external vault type. Currently only CyberArk is supported. Reference. Click to open the Configure dialog box. Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed. Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>. Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk. For example, NancySafe\Root\nancy-cyberark-testing-refid. Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault. To configure a CyberArk property value, click in the Value column for the property, and specify the value in string. The CyberArk properties values must not contain any of the following characters: *\/:?"<>\|'.; The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide. Regex. Enables configuring CyberArk properties values in regular expressions. For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide. The CyberArk properties values in regular expression must not contain any of the following characters: : ;**

CyberArk-related Parameters

Parameter

Description

Regular Credential

Enabled when CyberArk integration is enabled. Select this radio button to use regular credential as before.

Username. See description above.
Password. See description above.

External Vault

Enabled when CyberArk integration is enabled. Select this radio button to use an external credential vault.

Type. The external vault type. Currently only CyberArk is supported.
Reference. Click to open the Configure dialog box.
- Reference. Select this option to configure the Reference ID that will be used by UCMDB/UD to retrieve the passwords from the CyberArk Enterprise Password Vault when they are needed.
  
  Set the reference ID in the CyberArk Enterprise Password Vault in the following format: <Safe Name>\<Folder Path>\<Reference ID>.
  
  Where <Safe Name> is the Safe value in CyberArk, <Folder Path> is the folder where the Safe belongs to, and <Reference ID> is the name of the CyberArk account you specified or auto-generated in CyberArk.
  
  For example, NancySafe\Root\nancy-cyberark-testing-refid.
- Parameter. Select this option to enable configuring a list of editable CyberArk properties as a query string for UCMDB/UD to retrieve passwords from the CyberArk Enterprise Password Vault.
  
  To configure a CyberArk property value, click in the Value column for the property, and specify the value in string.
  
  The CyberArk properties values must not contain any of the following characters: \/:*?"<>|'.;
  
  The out-of-the-box list of CyberArk properties displayed in the Configure dialog box is editable. You can set selected CyberArk properties as the default list using JMX method setGlobalSettingVaule. For instructions, see "How to Set a Default List of CyberArk Properties Using JMX" in the HPE Universal CMDB Data Flow Management Guide.
  - Regex. Enables configuring CyberArk properties values in regular expressions.
    
    For examples of how to use regular expression syntax, see "Regular Expression Examples" in the HPE Universal CMDB Modeling Guide.
    
    The CyberArk properties values in regular expression must not contain any of the following characters: : ;