The AuthenticationMethod connection property controls which authentication mechanism the driver uses when establishing connections. When AuthenticationMethod=auto, the driver uses SQL Server authentication, Kerberos authentication, or NTLM authentication when establishing a connection based on the following criteria:

  • If a user ID and password is specified, the driver uses SQL Server authentication when establishing a connection. The User property provides the user ID. The Password property provides the password.
  • If a user ID and password is not specified and the driver is not running on a Windows platform, the driver uses Kerberos authentication when establishing a connection.
  • If a user ID and password is not specified and the driver is running on a Windows platform, the driver uses NTLM authentication when establishing a connection if the driver can load the DLL required for NTLM authentication. If the driver cannot load the DLL, the driver uses Kerberos authentication.

If set to ActiveDirectoryPassword, the driver uses Azure Active Directory (Azure AD) authentication when establishing a connection to an Azure SQL Database data store. In addition to specifying a user ID and password, a value must be specified for the HostNameInCertificate property. All communications to the service are encrypted using SSL.

When AuthenticationMethod=kerberos, the driver uses Kerberos authentication when establishing a connection. The driver ignores any values specified by the User property and Password properties.

When AuthenticationMethod=ntlm, the driver uses NTLM authentication when establishing a connection if the driver can load the DLL required for NTLM authentication. If the driver cannot load the DLL, the driver throws an exception. The driver ignores any values specified by the User and Password properties. This value is supported only for Windows clients.

When AuthenticationMethod=ntlmjava, the driver uses NTLMv1 or NTLMv2 depending on the size of the NTLM password. NTLMv1 is used if the password is 14 bytes or less; NTLMv2 is used if the password is more than 14 bytes. A user ID and password must also be specified. If the user ID and password are unspecified, the driver throws an exception. In addition, the driver requires the name of the domain server that administers the database server. You can specify it using the Domain property. If the Domain property is unspecified, the driver attempts to determine the domain server name from the User property. If no domain is specified, the driver throws an exception. This value is supported for Windows and UNIX/Linux clients.

When AuthenticationMethod=ntlm2java, the driver uses NTLMv2 authentication. A user ID and password must also be specified. If the user ID and password are unspecified, the driver throws an exception. In addition, the driver requires the name of the domain server that administers the database server. You can specify it using the Domain property. If the Domain property is unspecified, the driver attempts to determine the domain server name from the User property. If no domain is specified, the driver throws an exception. This value is supported for Windows and UNIX/Linux clients.

When AuthenticationMethod=userIdPassword (default), the driver uses SQL Server authentication when establishing a connection. The User property provides the user ID. The Password property provides the password. If a user ID is not specified, the driver throws an exception.