Configure SQL Server

For connections to SQL Server from an on-premises XenMobile Server, you can use the default driver, jTDS, or the Microsoft Java Database Connectivity (JDBC) driver. The jTDS driver is the default driver when you:

  • Install XenMobile Server on-premises.
  • Upgrade from a XenMobile Server that’s configured to use the jTDS driver.

For both drivers, XenMobile supports SQL Server authentication or Windows authentication. For those combinations of authentication and driver, SSL can be on or off.

When you use Windows authentication with the Microsoft JDBC driver, the driver uses integrated authentication with Kerberos. XenMobile contacts Kerberos to obtain the Kerberos Key Distribution Center (KDC) details. If the required details aren’t available, the XenMobile CLI prompts for the IP address of the Active Directory server.

To switch from the jTDS driver to the JDBC driver, SSH to all your XenMobile Server nodes and use the XenMobile CLI for configuration. The steps vary according to your current jTDS driver configuration, as follows.

Switch to Microsoft JDBC (SQL Server authentication)

To complete these steps, you need the SQL Server user name and password.

  1. SSH to all XenMobile Server nodes.

  2. In the XenMobile CLI main menu, type 2 to select the System Menu.

  3. Type 12 to select Advanced Settings.

  4. Type 7 to select Switch JDBC driver, and then type m for Microsoft.

    Image of choosing JDBC driver

  5. When prompted, type y to choose SQL authentication and then type the SQL Server user name and password.

  6. Repeat the steps for each XenMobile Server node.

  7. Restart each XenMobile Server node.

Switch to Microsoft JDBC (SSL is off; Windows authentication)

To complete these steps, you need the Active Directory user name and password, the Kerberos KDC realm, and the KDC user name.

  1. SSH to all XenMobile Server nodes.

  2. In the XenMobile CLI main menu, type 2 to select the System Menu.

  3. Type 12 to select Advanced Settings.

  4. Type 7 to select Switch JDBC driver, and then type m.

  5. When prompted whether to use SQL Server authentication, type n.

  6. When prompted, type the Active Directory user name and password configured for the SQL server.

  7. If XenMobile doesn’t auto-discover the Kerberos KDC realm, it prompts for the KDC details, including the SQL server FQDN.

  8. When prompted whether to use SSL, type n. XenMobile saves the configuration. If XenMobile can’t save the configuration because of errors, it shows an error message and the details that you entered.

  9. Repeat the steps for each XenMobile Server node.

  10. Restart each XenMobile Server node.

To change the XenMobile database password

Follow this guidance to change the XenMobile database password, such as when Citrix Support directs you to make a password change.

Important:

  • Plan a scheduled maintenance window for changing the database password. A password change must occur during system downtime.
  • When you change the password, ensure that all XenMobile nodes are connected to the network. After you change the password, restart XenMobile.

    If you don’t restart XenMobile after a password change, XenMobile goes into recovery mode. You must then revert to the old password in SQL server, restart XenMobile, and change the password again.

  • If SQL server uses Windows authentication, make the database password change in Windows Active Directory.
  1. Verify that all XenMobile Server nodes are running. For a clustered environment, bring up all nodes.

  2. Block the incoming device traffic to XenMobile at the Netscaler load balancer by disabling the vServers.

  3. To change the database password in SQL server: Log in to the XenMobile CLI, navigate to Configuration > Database, and enter the changed password when prompted:

    Server []: <ipAddress>
    Port [1433]: 1433
    Username [sa]: <userName>
    Password: <****>
    
  4. Choose Y to restart the server.

  5. Repeat steps 3 and 4 for all the other nodes in the cluster.

  6. Unblock the incoming device traffic by enabling the vServers at the NetScaler load balancer.