Reference Guide
...
SQL Proxy
User/Device/Policy Definition

Adding a Database as a Device

This section shows how to add one database to the KRON PAM.

Prerequired Configuration: The port number is the identifier of the connection to ORACLE, MSSQL, MySQL and Cassandra, Teradata, Hive, PostgreSQL, and DB2 via a Kron PAM SQL Proxy. The port number must be defined in the Device Properties of the MSSQL, MySQL Cassandra, Teradata, Hive, PostgreSQL, DB2, SAP Hana, and Couchbase databases.

The following system configuration parameter should be set for the port assignment option:

  1. Navigate to Administration > System Config Manager.
  2. Click the blue Add button and inside the pop-up select the Add New System Parameter button.
  3. Set the sql.proxy.bind.port.range parameter with the requested port range.

Parameter Name

Parameter Value

sql.proxy.bind.port.range

Port range (e.g. 1000-2000)

SQL Proxy Bind Port
SQL Proxy Bind Port


The target database is configured as a device:

  1. Navigate to Devices > Inventory.
  2. Click the blue Add button and inside the pop-up select the Add Device button.
  3. Information, Enter the following required information: a. IP address b. Device Name c. Port (if not set, the default port is used according to the access protocol) d. Access protocol (Oracle TNS, MSSQL, PostgreSQL etc.). When you select Access protocol the following inputs will appear: i. Database Name ii. Username of Database User (this must match with the created User’s username) iii. Password of Database User e. Element Type
Database Device Addition / Information Section
Database Device Addition / Information Section

  • Group Membership, enter your device group.
Document image

  • Properties, click the Auto Assign (This will use the setup parameter of the system configuration manager guided earlier)
  • Click the Test Connection button to control the connection information you provided.
Database Device Addition / SQL PROXY Bind Port in Properties Section
Database Device Addition / SQL PROXY Bind Port in Properties Section


Once the configurations are complete, to define a database, go to the options button of the device you defined.

Database Device Addition
Database Device Addition

Database Device Addition
Database Device Addition

Database Device Addition
Database Device Addition


When you select Access protocol the following inputs will appear:

  • Database/Service Name:
    This is the name of the database you want to connect to. It’s a unique identifier for the database on the server.
  • Username:
    This is the username of the account you’re using to access the database. It must match the username created by the User.
  • Database Password:
    This is the password associated with the database username. It’s used to authenticate the user and grant access to the database.
  • Alias (optional):
    This is an optional nickname you can give to the database connection (only in Oracle databases). It’s used to easily identify the database in the future without having to remember the specific database name.

Finally, you can click the ‘Test Connection’ button to check the credentials are right or not.