commands

^

Test-DbaConnectionAuthScheme

Author Chrissy LeMaire (@cl), netnerds.net
Availability Windows, Linux, macOS

 

Synopsis

Returns the transport protocol and authentication scheme of the connection. This is useful to determine if your connection is using Kerberos.

Description

By default, this command will return the ConnectName, ServerName, Transport and AuthScheme of the current connection.

ConnectName is the name you used to connect. ServerName is the name that the SQL Server reports as its @@SERVERNAME which is used to register its SPN. If you were expecting a Kerberos connection and got NTLM instead, ensure ConnectName and ServerName match.

If -Kerberos or -Ntlm is specified, the $true/$false results of the test will be returned. Returns $true or $false by default for one server. Returns Server name and Results for more than one server.

Syntax

Test-DbaConnectionAuthScheme
    [-SqlInstance] <DbaInstanceParameter[]>
    [[-SqlCredential] <PSCredential>]
    [-Kerberos]
    [-Ntlm]
    [-EnableException]
    [<CommonParameters>]

 

Examples

 

Example: 1
PS C:\> Test-DbaConnectionAuthScheme -SqlInstance sqlserver2014a, sql2016

Returns ConnectName, ServerName, Transport and AuthScheme for sqlserver2014a and sql2016.

Example: 2
PS C:\> Test-DbaConnectionAuthScheme -SqlInstance sqlserver2014a -Kerberos

Returns $true or $false depending on if the connection is Kerberos or not.

Example: 3
PS C:\> Test-DbaConnectionAuthScheme -SqlInstance sqlserver2014a | Select-Object *

Returns the results of "SELECT * from sys.dm_exec_connections WHERE session_id = @@SPID"

Required Parameters

-SqlInstance

The target SQL Server instance or instances. Server(s) must be SQL Server 2005 or higher.

Alias
Required True
Pipeline true (ByValue)
Default Value

Optional Parameters

-SqlCredential

Login to the target instance using alternative credentials. Accepts PowerShell credentials (Get-Credential). Windows Authentication, SQL Server Authentication, Active Directory - Password, and Active Directory - Integrated are all supported. For MFA support, please use Connect-DbaInstance.

Alias Credential,Cred
Required False
Pipeline false
Default Value
-Kerberos

If this switch is enabled, checks will be made for Kerberos authentication.

Alias
Required False
Pipeline false
Default Value False
-Ntlm

If this switch is enabled, checks will be made for NTLM authentication.

Alias
Required False
Pipeline false
Default Value False
-EnableException

By default, when something goes wrong we try to catch it, interpret it and give you a friendly warning message. This avoids overwhelming you with "sea of red" exceptions, but is inconvenient because it basically disables advanced scripting. Using this switch turns this "nice by default" feature off and enables you to catch exceptions with your own try/catch.

Alias
Required False
Pipeline false
Default Value False

 

Want to see the source code for this command? Check out Test-DbaConnectionAuthScheme on GitHub.
Want to see the Bill Of Health for this command? Check out Test-DbaConnectionAuthScheme.