Before you create a catalog source, ensure that you have the information required to connect to the source system.
Perform the following tasks:
•Assign the required permissions.
• Configure the permissions for the Microsoft SQL Server database user account that you use to connect to Microsoft SQL Server.
Note: The user account that you use to connect to Microsoft SQL Server must be an SQL Server login account.
•Configure a connection to the Microsoft Azure SQL Server source system in Administrator.
•Create endpoint catalog sources for connection assignment.
•Optionally, if you want to identify pairs of similar columns and relationships between tables within a catalog source, import a relationship inference model.
Verify permissions
To extract metadata and to configure other capabilities that a catalog source might include, you need account access and permissions on the source system. The permissions required might vary depending on the capability.
Permissions to extract metadata
Ensure that you have the required permissions to enable metadata extraction.
Configure the VIEW DEFINITION permission for the user account.
Note: The VIEW DEFINITION permission lists all the schemas from where the user can load metadata.
Grant the following permissions before you configure the catalog source:
•select on sys.all_columns
•select on sys.all_objects
•select on sys.all_parameters
•select on sys.databases
•select on sys.database_principals
•select on sys.foreign_key_columns
•select on sys.indexes
•select on sys.index_columns
•select on sys.partitions
•select on sys.schemas
•select on sys.sql_modules
•select on sys.synonyms
•select on sys.types
•select on sys.tables
•select on sys.table_types
Permissions to run data profiles
Ensure that you have the required permissions to run profiles.
To perform data profiling on Microsoft Azure SQL Server, grant SELECT permissions for tables and views that you want to profile.
Permissions to perform data classification
You can perform data classification with the permissions required to perform metadata extraction.
Permissions to perform relationship discovery
You can perform relationship discovery with the permissions required to perform metadata extraction.
Permissions to perform glossary association
You can perform glossary association with the permissions required to perform metadata extraction.
Create a connection
Before you configure the Microsoft Azure SQL Server catalog source, create a connection object in Administrator.
1In Administrator, select Connections.
2Click New Connection.
3In the Connection Details section, enter the following connection details:
Connection property
Description
Connection Name
Name of the connection.
Each connection name must be unique within the organization. Connection names can contain alphanumeric characters, spaces, and the following special characters: _ . + -,
Maximum length is 255 characters.
Description
Description of the connection. Maximum length is 4000 characters.
4Select the SQL Server connection type.
5Enter properties specific to the connection:
Property
Description
Runtime Environment
The name of the runtime environment where you want to run the tasks.
A runtime environment is either Informatica Cloud Secure Agent or a serverless runtime environment.
SQL Server Version
This property is not applicable for Microsoft SQL Server Connector.
Authentication Mode
The authentication method to connect to Microsoft Azure SQL Server.
Select one of the following authentication modes:
- SQL Server Authentication. Use the user name and password to connect to Microsoft Azure SQL Server.
- Active Directory Password. Use the Microsoft Azure Active Directory user name and password to authenticate and to access a Microsoft Azure SQL Database.
- Windows Authentication v2. Use this authentication method to access Microsoft Azure SQL Server using the agent hosted on a Linux or Windows machine. When you choose this option on Linux, enter your domain name and Microsoft Windows credentials to access Microsoft SQL Server.
- Service Principal Authentication. Use the client ID and client secret for your application registered in the ENTRA ID to access a Microsoft Azure SQL Database.
Username
User name to connect to the Microsoft SQL Server database.
Password
Password to connect to the Microsoft SQL Server database.
Client ID
Applicable if you select Service Principal Authentication. The client ID or application ID of your application registered in the ENTRA ID.
Client Secret
Applicable if you select Service Principal Authentication. The client secret key generated for the client ID to complete the OAuth authentication in the ENTRA ID.
Host
Name of the machine hosting the database server.
To connect to Microsoft Azure SQL Database, specify the fully qualified host name.
For example, vmjcmwxsfboheng.westus.cloudapp.azure.com.
Port
Network port number used to connect to the database server.
Default is 1433.
Code Page
The code page of the database server.
Schema
Schema used for the target connection.
Database Name
Database name for the Microsoft SQL Server target connection.
Database name is case-sensitive if the database is case-sensitive. Maximum length is 100 characters.
Database names can include alphanumeric and underscore characters.
Encryption Method
The method that the Secure Agent uses to encrypt the data sent between the driver and the database server. You can use the encryption method to connect to Microsoft Azure SQL Database.
Default is None.
Crypto Protocol Version
Cryptographic protocols to use when you enable SSL encryption.
Validate Server Certificate
When set to True, Secure Agent validates the certificate that is sent by the database server.
If you specify the HostNameInCertificate parameter, Secure Agent also validates the host name in the certificate.
When set to false, the Secure Agent doesn't validate the certificate that is sent by the database server.
Trust Store
The location and name of the truststore file. The truststore file contains a list of Certificate Authorities (CAs) that the driver uses for SSL server authentication.
For the serverless runtime environment, specify the following certificate path in the serverless agent directory:
The password to access the contents of the truststore file.
Host Name in Certificate
Host name of the machine that hosts the secure database. If you specify a host name, the Secure Agent validates the host name included in the connection with the host name in the SSL certificate.
6Click Test Connection.
7Click Save.
Create endpoint catalog sources for connection assignment
An endpoint catalog source represents a source system that the catalog source references. Before you perform connection assignment, create endpoint catalog sources and run the catalog source jobs.
You can then perform connection assignment to reference source systems to view complete lineage with source system objects.
Import a relationship inference model
Import a relationship inference model if you want to configure the relationship discovery capability. You can either import a predefined relationship inference model, or import a model file from your local machine.
1In Metadata Command Center, click Explore on the navigation panel.
2Expand the menu and select Relationship Inference Model. The following image shows the Explore page with the Relationship Inference Model menu:
3Select one of the following options:
- Import Predefined Content. Imports a predefined relationship inference model called Column Similarity Model v1.0.
- Import. Imports the predefined relationship inference model from your local machine. Select this if you previously imported predefined content into your local machine and the inference model is stored on the machine.
To import a file, click Choose File in the Import Relationship Inference Model window and navigate to the model file on your local machine. You can also drag and drop the file.
The imported models appear in the list of relationship inference models on the Relationship Discovery tab.
