Using SQL Authentication
With this method, each server is given a login name and password,
and is configured to accept the login names and passwords of all other
servers in the deployment. The password for this account typed in
clear text is obfuscated under the HKLM
branch of
the registry on each server, after the restart of the FillDB service.
To authenticate your servers using SQL authentication, follow these steps:
- Choose a single login name (for example,
besserverlogin
), and a single password to be used by all servers in your deployment for inter-server authentication. - On the Master server, use SQL Server Management Studio to create
a SQL Server login with this name. Choose SQL Server Authentication
as the authentication option and specify the password. Change the
default database to
BFEnterprise
and grant it System Admin (sa
) authority or thedb_owner
role for the BFEnterprise and master databases. - On the master server, add the following string values under the
HKLM\Software\Wow6432Node\BigFix\Enterprise Server\FillDB
key:ReplicationUser = <login name> ReplicationPassword = <password> ReplicationPort = <SQL_port>
- Restart the
FillDB
service.
Note:
- This choice must be made on a deployment-wide basis; you cannot mix domain-authenticated servers with SQL-authenticated servers.
ReplicationUser
,ReplicationPassword
, andReplicationPort
must be uniquely defined in all the server registries of your DSA environment.- All IBM BigFix servers in your deployment must be running the same version of SQL server.