The Actual SQL Server ODBC Driver lets you access your company's Microsoft SQL Server database from within Microsoft Excel or FileMaker Pro. You can connect to any database you are authorized to use, and work with the data just like your Windows-using co-workers. The driver also connects to Sybase databases.
This driver installs completely on your Mac nothing is installed on the server itself. Both methods of SQL Server authentication are supported: SQL Server native accounts and trusted domain accounts. There is no special configuration of the database required for you to connect - all you need is a user ID and password.
Take Advantage of the Full Power of Excel
Microsoft Excel has built-in support for ODBC database queries. Use our ODBC driver to connect Excel to your company's SQL Server database. Then you can use the information from the database in your spreadsheet formulas and charts and graphs.
Easy Installation and Setup
The instructions below apply to Excel 2016, 2019 and Office 365 for Mac. These versions of Excel do provide an ODBC driver for connecting to SQL Server. ODBC Driver on Linux and macOS Support for High Availability and Disaster Recovery. The ODBC drivers for Linux and macOS support AlwaysOn Availability Groups. For more information about AlwaysOn Availability Groups, see: You can specify the availability group listener of a given availability group in the connection string.
The driver includes a setup assistant that will walk you through setting up a connection to your database. On-line help is always available to provide explanations of all parameters. For simple connections, you only need to specify 2 fields! All installation takes place on your Mac - nothing is installed on the server.
Connect to SQL Server in the Cloud
In addition to local databases, the driver now supports cloud-based solutions. The Microsoft Azure SQL Database is a great way to enjoy the benefits of a scaleable and reliable database with near-zero maintenance. And Amazon Relational Database Service (RDS) provides a fast and easy way to configure multiple SQL Server versions in the cloud. The Actual Technologies ODBC driver makes it easy to connect to both of these great cloud-based databases in just a few clicks.
IT Support Staff Will Be Happy
IT support staff typically don't like to install special software on their servers - software that could affect the reliability or performance of a critical resource. That's why our driver resides only on the client Mac, and communicates with the database software that already exists on the server.
Our driver supports both methods of SQL Server authentication - SQL Server accounts and trusted domain accounts. This means that no special configuration of the database is needed in order for you to connect. You just need an account, using whatever authentication method your organization has chosen.
In addition, anyone who is already familiar with setting up an ODBC connection on Microsoft Windows will be right at home using our setup assistant. Our driver uses the same terminology and we've organized our screens similarly.
Access SQL Server From Your Own Programs
You can use our driver to access a SQL Server database from your own custom applications - including PHP and REALbasic. Example source code is now available for Carbon, REALbasic, and PHP, and we will soon be providing tutorials and example source code for other languages. Many commercial applications take advantage of ODBC connectivity using this driver.
Download and evaluate our driver today. You will be able to install the driver, set up a connection, and retrieve data* from your database using Excel or FileMaker. You will also have access to our on-line help and technical support.
* Downloaded driver has all features turned on, except that it will only return 3 rows from any query until the driver is registered. Once you are ready to register your driver, just go to our secure on-line store. We will send you a license key that will allow an unlimited number of rows to be returned from any query.
- SQL Server 2000 or later, including all editions of SQL Server 2017
- Microsoft Azure SQL Database
- Sybase ASE 12 or later
- Sybase ASA / iAnywhere 5.5 or later
- Mac OS 10.9 or later (including 10.15 Catalina)
- Intel Macs
The Microsoft ODBC Driver for SQL Server on Linux and macOS supports connections that use Kerberos integrated authentication. It supports the MIT Kerberos Key Distribution Center (KDC), and works with Generic Security Services Application Program Interface (GSSAPI) and Kerberos v5 libraries.
Using Integrated Authentication to Connect to SQL Server from an ODBC Application
You can enable Kerberos integrated authentication by specifying Trusted_Connection=yes in the connection string of SQLDriverConnect or SQLConnect. For example:
When connecting with a DSN, you can also add Trusted_Connection=yes to the DSN entry in odbc.ini.
The -E option of sqlcmd and the -T option of bcp can also be used to specify integrated authentication; see Connecting with sqlcmd and Connecting with bcp for more information.
Ensure that the client principal which is going to connect to SQL Server is already authenticated with the Kerberos KDC.
ServerSPN and FailoverPartnerSPN are not supported.
Deploying a Linux or macOS ODBC Driver Application Designed to Run as a Service
A system administrator can deploy an application to run as a service that uses Kerberos Authentication to connect to SQL Server.
You first need to configure Kerberos on the client and then ensure that the application can use the Kerberos credential of the default principal.
Ensure that you use kinit or PAM (Pluggable Authentication Module) to obtain and cache the TGT for the principal that the connection uses, via one of the following methods:
Run
kinit, passing in a principal name and password.Run
kinit, passing in a principal name and a location of a keytab file that contains the principal's key created byktutil.Ensure that the login to the system was done using the Kerberos PAM (Pluggable Authentication Module).
When an application runs as a service, because Kerberos credentials expire by design, renew the credentials to ensure continued service availability. The ODBC driver does not renew credentials itself; ensure that there is a cron job or script that periodically runs to renew the credentials before their expiration. To avoid requiring the password for each renewal, you can use a keytab file.
Kerberos Configuration and Use provides details on ways to Kerberize services on Linux.
Tracking Access to a Database
A database administrator can create an audit trail of access to a database when using system accounts to access SQL Server using Integrated Authentication.
Logging in to SQL Server uses the system account and there is no functionality on Linux to impersonate security context. Therefore, more is required to determine the user.
To audit activities in SQL Server on behalf of users other than the system account, the application must use Transact-SQL EXECUTE AS.
To improve application performance, an application can use connection pooling with Integrated Authentication and auditing. However, combining connection pooling, Integrated Authentication, and auditing creates a security risk because the unixODBC driver manager permits different users to reuse pooled connections. For more information, see ODBC Connection Pooling.
Before reuse, an application must reset pooled connections by executing sp_reset_connection.
Using Active Directory to Manage User Identities
An application system administrator does not have to manage separate sets of login credentials for SQL Server. It is possible to configure Active Directory as a key distribution center (KDC) for Integrated Authentication. See Microsoft Kerberos for more information.
Using Linked Server and Distributed Queries
Viso viewer for mac. Developers can deploy an application that uses a linked server or distributed queries without a database administrator who maintains separate sets of SQL credentials. In this situation, a developer must configure an application to use integrated authentication:
User logs in to a client machine and authenticates to the application server.
The application server authenticates as a different database and connects to SQL Server.
SQL Server authenticates as a database user to another database (SQL Server.
After integrated authentication is configured, credentials will be passed to the linked server.
Integrated Authentication and sqlcmd
To access SQL Server using integrated authentication, use the -E option of sqlcmd. Ensure that the account which runs sqlcmd is associated with the default Kerberos client principal.
Integrated Authentication and bcp
To access SQL Server using integrated authentication, use the -T option of bcp. Ensure that the account which runs bcp is associated with the default Kerberos client principal.
It is an error to use -T with the -U or -P option.
Supported Syntax for an SPN Registered by SQL Server
The syntax that SPNs use in the connection string or connection attributes is as follows:
| Syntax | Description |
|---|---|
| MSSQLSvc/fqdn:port | The provider-generated, default SPN when TCP is used. port is a TCP port number. fqdn is a fully qualified domain name. |
Authenticating a Linux or macOS Computer with Active Directory
To configure Kerberos, enter data into the krb5.conf file. krb5.conf is in /etc/ but you can refer to another file using the syntax e.g. export KRB5_CONFIG=/home/dbapp/etc/krb5.conf. The following is an example krb5.conf file:
If your Linux or macOS computer is configured to use the Dynamic Host Configuration Protocol (DHCP) with a Windows DHCP server providing the DNS servers to use, you can use dns_lookup_kdc=true. Now, you can use Kerberos to sign in to your domain by issuing the command kinit alias@YYYY.CORP.CONTOSO.COM. Parameters passed to kinit are case-sensitive and the SQL Server computer configured to be in the domain must have that user alias@YYYY.CORP.CONTOSO.COM added for login. Now, you can use trusted connections (Trusted_Connection=YES in a connection string, bcp -T, or sqlcmd -E). How to install xlink kai for mac.
The time on the Linux or macOS computer and the time on the Kerberos Key Distribution Center (KDC) must be close. Ensure that your system time is set correctly, e.g. by using the Network Time Protocol (NTP).
If Kerberos authentication fails, the ODBC driver on Linux or macOS does not use NTLM authentication.
For more information about authenticating Linux or macOS computers with Active Directory, see Authenticate Linux Clients with Active Directory and Best Practices for Integrating OS X with Active Directory. For more information about configuring Kerberos, see the MIT Kerberos Documentation.