About SQL Server configuration settings

Article:HOWTO26814  |  Created: 2010-01-08  |  Updated: 2010-01-15  |  Article URL http://www.symantec.com/docs/HOWTO26814
Article Type
How To


Environment


About SQL Server configuration settings

If you install Symantec Endpoint Protection Manager with a Microsoft SQL Server database, there are specific configuration requirements for SQL Server. You can install Symantec Endpoint Protection Manager with either a local database or a remote database.

See Installing and configuring Symantec Endpoint Protection Manager with a SQL Server database.

Before you create the database, Symantec recommends that you install a new instance of SQL Server that conforms to Symantec installation and configuration requirements. You can install a database in an existing instance, but the instance must be configured properly or your database installation fails. For example, if you select a case-sensitive SQL collation your installation fails.

Warning:
Symantec Endpoint Protection Manager authenticates to Microsoft SQL Server with a clear text database owner user name and password. To maximize the security posture of remote Microsoft SQL Server communications, collocate both servers in a secure subnet.

Table: Required SQL Server configuration settings

Configuration setting

Installation requirement

Instance name

Do not use the default name. Create a name such as SEPM.

By default, a database named Sem5 is created in the SQL Server instance when you install the Symantec Endpoint Protection Manager. The default instance is unnamed. It is supported, but can cause confusion if you install multiple instances on one computer.

Authentication configuration

Mixed Mode or Windows Authentication mode

See About SQL Server database authentication modes.

sa password

Set this password when you set Mixed Mode authentication.

Enabled protocol

TCP/IP

IP addresses for TCP/IP (SQL Server 2005 and 2008 only)

Enable IP1 and IP2

TCP/IP port numbers for IP1, IP2, and IPALL (SQL Server 2005 and 2008 only)

Set TCP Dynamic Ports to blank, and specify a TCP Port number. The default port is typically 1433. You specify this port number when you create the database.

The Symantec Endpoint Protection Manager database does not support dynamic ports.

Remote connections (SQL Server 2005 and 2008 only)

Must be enabled. TCP/IP protocol must also be specified.


If your database is located on a remote server, you must also install SQL Server client components on the computer that runs Symantec Endpoint Protection Manager.

During Symantec Endpoint Protection Manager installation, you make decisions about what database values to set. You must make these decisions before you start the installation.

Table: SQL Server database settings

Setting

Default

Description

Select IIS Web site configuration options

Use the default Web site

  • Use the default Web site

    Installs the Symantec Endpoint Protection IIS Web application in the default IIS Web site. The site works with any other Web application that is installed in the Web site.

  • TCP Port

    The port that is used by the Web site created.

  • Create a custom Web site

    Creates an independent Symantec Web server for Symantec Endpoint Protection Manager.

Server name

local host name

Name of the computer that runs the Symantec Endpoint Protection Manager.

Server port

8443

Port number on which the management server listens.

Web console port

9090

The HTTP port that is used for remote console connections.

Server data folder

C:\Program Files\Symantec Endpoint Protection Manager\data

Directory in which the Symantec Endpoint Protection Manager places data files including backups, replication, and other Symantec Endpoint Protection Manager files. The installer creates this directory if it does not exist.

Site name

Site local host name

Site name of the highest level container under which all features are configured and run with the Symantec Endpoint Protection Manager.

Encryption password

None

The password that encrypts communication between the Symantec Endpoint Protection Manager, clients, and optional Enforcer hardware devices. The password can be from 1-32 alphanumeric characters and is required.

Document this password and put it in a secure location. You cannot change or recover the password after you create the database. You must also enter this password for disaster recovery purposes if you do not have a backed up database to restore.

See Preparing for disaster recovery.

Database server

local host name

Name of the Microsoft SQL Server and the optional instance name. If the database server was installed with the default instance, which is no name, type either host name or the host's IP address. If the database server was installed with a named instance, type either host name\instance_name or IP address\instance_name. Using host name only works with properly configured DNS.

If you install to a remote database server, you must first install the SQL Server client components on the computer that runs the Symantec Endpoint Protection Manager.

SQL Server Port

1433

The port used to send and receive traffic to the SQL Server.

Port 0, which is used to specify a random, negotiated port, is not supported.

Database Name

sem5

Name of the database that is created.

User

sem5

Name of the database user account that is created. The user account has a standard role with read and write access. The name can be a combination of alphanumeric values and the special characters ~#%_+=|:./. The special characters `!@$^&*()-{}[]\\<;>,? are not allowed. The following names are also not allowed: sysadmin, server admin, setupadmin, securityadmin, processadmin, dbcreator, diskadmin, bulkadmin.

Password

None

The password to associate with the database user account. The name can be a combination of alphanumeric values and the special characters ~#%_+=|:./. The special characters `!@$^&*()-{}[]\\<;>,? are not allowed.

SQL client folder

SQL Server 2000: C:\Program Files\Microsoft SQL Server\80\Tools\Binn

SQL Server 2005: C:\Program Files\Microsoft SQL Server\90\Tools\Binn

SQL Server 2008: C:\Program Files\Microsoft SQL Server\100\Tools\Binn

Location of the local SQL Client Utility directory that contains bcp.exe.

DBA user

None

Name of the database server administrator account, which is typically sa.

DBA password

None

Name of the password that is associated with the database user account.

Database data folder

Automatically detected after clicking Default

SQL Server 2000: C:\Program Files\Microsoft SQL Server\MSSQL\Data

SQL Server 2005: C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data

SQL Server 2008: C:\​Program Files\​Microsoft SQL Server\​MSSQL10.MSSQLSERVER\​MSSQL\​Data

Location of the SQL Server data directory. If you install to a remote server, the volume identifier must match the identifier on the remote server.

  • If you install to a named instance on SQL Server 2000, the instance name is appended to MSSQL with a dollar sign. For example, \MSSQL$instance name\Data.

  • If you install to a named instance on SQL Server 2005, the instance name is appended to MSSQL with a dot numeric identifier. For example, \MSSQL.1\instance name\Data.

  • If you install to a named instance on SQL Server 2008, the instance name is appended to MSSQL10. For example \MSSQL10.instance name\Data.

Note:
Clicking Default displays the correct installation directory, if you entered the database server and instance name correctly. If you click Default and the correct installation directory does not appear, your database creation fails.

Admin User Name

admin

Name of the default user name that is used to log on to the Symantec Endpoint Protection Manager console for the first time.

(not changeable)

Admin Password

None

The password that you specified during server configuration to use with the admin user name.

Email address (optional)

None

System notifications are sent to the email address specified.



Legacy ID



349168


Article URL http://www.symantec.com/docs/HOWTO26814


Terms of use for this information are found in Legal Notices