About SQL Server configuration settings

Article:HOWTO81038  |  Created: 2012-10-24  |  Updated: 2013-10-07  |  Article URL http://www.symantec.com/docs/HOWTO81038
Article Type
How To


Subject


About SQL Server configuration settings

If you install Symantec Endpoint Protection Manager with a Microsoft SQL Server database, there are specific configuration requirements for SQL Server.

See Installing Symantec Endpoint Protection Manager.

Before you create the database, Symantec recommends that you install a new instance of SQL Server that conforms to Symantec installation and configuration requirements. You can install a database in an existing instance, but the instance must be configured properly or your database installation fails. For example, if you select a case-sensitive SQL collation, your installation fails.

Warning:

Symantec Endpoint Protection Manager authenticates to Microsoft SQL Server with a clear text database owner user name and password. To maximize the security posture of remote Microsoft SQL Server communications, collocate both servers in a secure subnet.

Table: Required SQL Server configuration settings

Configuration setting

Installation requirement

Instance name

Do not use the default name. Create a name such as SEPM.

By default, a database named Sem5 is created in the SQL Server instance when you install the Symantec Endpoint Protection Manager. The default name is supported, but can cause confusion if you install multiple instances on one computer.

Authentication configuration

Mixed Mode or Windows Authentication mode

See About SQL Server database authentication modes.

sa password

Set this password when you set Mixed Mode authentication.

Enabled protocol

TCP/IP

IP addresses for TCP/IP

Enable IP1 and IP2

TCP/IP port numbers for IP1, IP2, and IPALL

Set TCP Dynamic Ports to blank, and specify a TCP Port number. The default port is typically 1433. You specify this port number when you create the database.

The Symantec Endpoint Protection Manager database does not support dynamic ports.

Remote connections

Must be enabled. TCP/IP protocol must also be specified.

If your database is located on a remote server, you must also install SQL Server client components, including BCP.EXE, on the computer that runs Symantec Endpoint Protection Manager. Refer to Microsoft SQL Server documentation for installation instructions.

During the Symantec Endpoint Protection Manager database configuration phase of the installation, you select and enter various database values. Understand the decisions you must make to correctly configure the database.

Table: SQL Server database settings displays the settings that you might need to know before you begin the installation process.

Table: SQL Server database settings

Setting

Default

Description

Server name

local host name

Name of the computer that runs the Symantec Endpoint Protection Manager.

Server data folder

C:\Program Files\Symantec Endpoint Protection Manager\data

Folder in which the Symantec Endpoint Protection Manager places data files including backups, replication, and other Symantec Endpoint Protection Manager files. The installer creates this folder if it does not exist.

Encryption password

None

The password that encrypts communication between the Symantec Endpoint Protection Manager, clients, and optional Enforcer hardware devices. The password can be from 6-32 alphanumeric characters and is required.

Document this password and put it in a secure location. You cannot change or recover the password after you create the database. You must also enter this password for disaster recovery purposes if you do not have a backed up database to restore.

See Performing disaster recovery.

Database server

local host name

Name of the Microsoft SQL Server and the optional instance name. If the database server was installed with the default instance, which is no name, type either host name or the host's IP address. If the database server was installed with a named instance, type either host name\instance_name or IP address\instance_name. Using host name only works with properly configured DNS.

If you install to a remote database server, you must first install the SQL Server client components on the computer that runs the Symantec Endpoint Protection Manager.

SQL Server Port

1433

The port used to send and receive traffic to the SQL Server.

Port 0, which is used to specify a random, negotiated port, is not supported.

Database Name

sem5

Name of the database that is created.

Database user name

sem5

Name of the database user account that is created. The user account has a standard role with read and write access. The name can be a combination of alphanumeric values and the special characters ~#%_+=|:./. The special characters '!@'$^&*()-{}[]"\<;>,? are not allowed. The following names are also not allowed: sysadmin, server admin, setupadmin, securityadmin, processadmin, dbcreator, diskadmin, bulkadmin.

Database password

None

The password that is associated with the database user account. The name can be a combination of alphanumeric values and the special characters ~#%_+=|:./. The special characters !@*(){}[];,? are not allowed.

SQL Server client folder

SQL Server 2005: C:\Program Files\Microsoft SQL Server\90\Tools\Binn

SQL Server 2008: C:\Program Files\Microsoft SQL Server\100\Tools\Binn

SQL Server 2012 C:\Program Files\Microsoft SQL Server\110\Tools\Binn

Location of the local SQL Client Utility directory that contains bcp.exe.

Server user name

None

Name of the database server administrator account, which is typically sa.

Server password

None

The password that is associated with the database server administrator account.

Database data folder

Automatically detected after clicking Default.

SQL Server 2005: C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Data

SQL Server 2008: C:\Program Files\Microsoft SQL Server\MSSQL10.MSSQLSERVER\MSSQL\Data

SQL Server 2008 R2: C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Data

SQL Server 2012: C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Data

Location of the SQL Server data folder. If you install to a remote server, the volume identifier must match the identifier on the remote server.

  • If you install to a named instance on SQL Server 2005, the instance name is appended to MSSQL with a dot numeric identifier. For example, \MSSQL.n\MSSQL\Data

  • If you install to a named instance on SQL Server 2008, the instance name is appended to MSSQL10. For example, \MSSQL10.instance name\MSSQL\Data.

  • If you install to a named instance on SQL Server 2008 R2, the instance name is appended to MSSQL10_50. For example, \MSSQL10_50.instance name\MSSQL\Data.

  • If you install to a named instance on SQL Server 2012, the instance name is appended to MSSQL11. For example, \MSSQL11.instance name\MSSQL\Data.

Note:

Clicking Default displays the correct installation folder, if you entered the database server and instance name correctly. If you click Default and the correct installation folder does not appear, your database creation fails.


Legacy ID



v52562650_v81626096


Article URL http://www.symantec.com/docs/HOWTO81038


Terms of use for this information are found in Legal Notices