Help Center> Cloud Bastion Host> User Guide> Operation> Host Operation> Logging In to and Maintaining Database Resources Using an SSO Client
Updated on 2023-09-22 GMT+08:00
View PDF

Logging In to and Maintaining Database Resources Using an SSO Client

CBH allows you to use single sign-on (SSO) tools to invoke the database client tool for database resource O&M and operation audit. Before your start, install the SSO and database client tools and then configure the path of the database client tool.

This topic describes how to configure the SSO client and how to use the SSO tool to log in to database resources.

There are four options for the single sign-on (SSO) tool:

  • Mysq cmd
  • Mysql Adminstrator
  • Navicat
  • DBeaver (supported by bastion host V3.3.48.0 and later versions)

Constraints

  • The database operation audit is available only in the CBH professional editions.
  • Database operation audit is supported for MySQL, SQL Server, Oracle, and DB2 databases, but unsupported for PostgreSQL databases.
  • DBeaver supports only MySQL and Oracle databases.
  • The client tool can be invoked only through SsoDBSettings.
  • Only some database clients can be invoked through an SSO tool. For details, see the following table.
    Table 1 Supported database protocols, versions, and clients

    Database Type

    Version

    Supported Client

    MySQL

    MySQL 5.5, 5.6, 5.7, and 8.0

    Navicat 11, 12, 15, and 16

    MySQL Administrator 1.2.17

    MySQL CMD

    Microsoft SQL Server

    2017

    Navicat 11, 12, 15, and 16

    SSMS 17.6

    Oracle

    Oracle 10g, 11g, and 12c

    Toad for Oracle 11.0, 12.1, 12.8, and 13.2

    Navicat 11, 12, 15, and 16

    PL/SQL Developer 11.0.5.1790

    DB2

    DB2 Express-C

    DB2 CMD command line 11.1.0

    PostgreSQL

    Not supported

    -

    You need to download the databases and versions supported by CBH by yourselves.

Prerequisites

  • You have the management permissions for the Host Operation module.
  • You have obtained the access permissions for the resources.
  • You have installed the client tool.
  • The network connection between the managed host and the system is normal, and the account username and password for logging in to the managed host are correct.

Procedure

  1. Log in to the CBH system.
  2. Choose Operation > Host Operation to go to the Host Operation page.

    Figure 1 Host Operation

  3. Select a host resource of the database protocol type and click Login.

    • When you first time log in to the database, you will see the SsoDBSettings download window.
    • The download tool varies depending on the CBH version you are using.

      For example, if you are using CBH V.3.3.44.0, SSO tool Windows and UOS (Arm) are provided. You can select either of them from the drop-down list.

  4. Select the client tool that has been installed and click OK.

    The local database client is automatically invoked.

  5. Log in to the database for operations.

Configuring the SSO Client

The following uses the Navicat client as an example to describe how to configure the client path.

  1. Start local SSO tool SsoDBSettings.
  2. Click the path configuration icon next to Navicat Path.
  3. Find the absolute path where the Navicat client is installed, select the .exe file, and click Open.
  4. Go to the SsoDBSettings SSO tool configuration page and view the selected Navicat client path.
  5. Click Save to return to the Host Operation page of the CBH system. Then, you can log in to the database using the SSO tool.
Parent topic: Host Operation