Installing the software prerequisites on the collection database server

Applies To: Forefront Client Security

The collection database server has one prerequisite: SQL Server with SP2 or SP1. Before installing the prerequisite, verify that the server meets the hardware and operating system requirements and that you have installed all critical computer and security updates. As part of the updates, make sure that you have Windows Update Agent 2.0 or later. Windows Update Agent automatically updates itself to the latest versions when you download updates from Microsoft.

In addition, you must grant permissions to the SQL Server Agent account that runs on the reporting database server.

Install SQL Server 2005 with SP2 or SP1

To use an existing installation of SQL Server, when running the Client Security Setup wizard, provide the server location. You still must use SQL Server 2005 with SP2 or SP1. In addition, the existing installation must not have a OnePoint database. (This is created for the collection database server as part of the Client Security installation.)

About installing SQL Server 2005 on the collection database server

  • For detailed information about installing SQL Server 2005, see SQL Server 2005 Books Online (https://go.microsoft.com/fwlink/?LinkId=77422).

  • When installing SQL Server 2005, you must do the following:

    • Install Database Services and Workstation components. (On the Components to Install page, select the following check boxes: SQL Server Database Services and Workstation components.)

    • Use a domain user or network service account for the SQL Server and SQL Server Agent service accounts. It is recommended that you use a domain user account. (On the Service Account page of the wizard, click Domain user account.)

    • Have the SQL Server Agent service start automatically. (On the Service Account page, under Start services at the end of setup, select the SQL Server Agent check box.)

    • Use a collation that is not case-sensitive. (On the Collation Settings page of the wizard, choose an option that is not case-sensitive.)

  • When installing SQL Server 2005, you should use Windows Authentication as the security mode. Windows Authentication mode is much more secure than mixed mode. (On the Authentication Mode page, select Windows Authentication Mode.)

  • During the SQL Server Setup wizard, the System Configuration Check displays a warning that IIS is required. You can ignore this warning. IIS is not required for the SQL Server installation on the reporting database.

To install SP2 or SP1 for SQL Server 2005

Change the location for data and log files

After installing SQL Server 2005, you can change the location for SQL Server data and log files.

To change the location for data and log files

  1. Open SQL Server Management Studio. (On the Start menu, click All Programs, click Microsoft SQL Server 2005, and then click SQL Server Management Studio.)

  2. In the Connect to Server dialog box, click Connect.

  3. Right-click the root server name node, and then click Properties.

  4. In the Server Properties dialog box, under Select a page, click Database Settings.

  5. In Database default locations, enter the locations you want to use for the data and log files, and then click OK.

Grant permissions to the SQL Server Agent account

You must give permissions for the account under which the SQL Server Agent runs (on the reporting database) to the collection database server. By doing so, you will enable the SQL Server Agent account for the reporting database to access the collection database.

To determine what account the SQL Server Agent runs under

  • On the reporting database server, open the Services console, double-click SQL Server Agent (MSSQLSERVER), and then click the Log On tab.

To grant permissions to the account

  • On the collection database server, add the computer account for the reporting database server (if the SQL Server Agent runs under the local system), or the domain account that the agent runs under, to the following group: SQLServer2005MSSQLUser $computername$ MSSQLSERVER

    Note

    To add a computer to a group, you must enable the object first. When adding the computer to the group, click Object Type in the Select Users, Computers, or Groups dialog box, and then select the Computers check box in the Object Types dialog box.