Using SQL Authentication

With this method, each server is given a login name and password, and is configured to accept the login names and passwords of all other servers in the deployment. The password for this account typed in clear text is obfuscated under the HKLM branch of the registry on each server, after the restart of the FillDB service.

To authenticate your servers using SQL authentication, follow these steps:

  1. Choose a single login name (for example, besserverlogin), and a single password to be used by all servers in your deployment for inter-server authentication.
  2. On the Master server, use SQL Server Management Studio to create a SQL Server login with this name. Choose SQL Server Authentication as the authentication option and specify the password. Change the default database to BFEnterprise and grant it System Admin (sa) authority or the db_owner role for the BFEnterprise and master databases.
  3. On the master server, add the following string values under the HKLM\Software\Wow6432Node\BigFix\Enterprise Server\FillDB key:
    ReplicationUser = <login name>
    ReplicationPassword = <password>
    ReplicationPort = <SQL_port>
  4. Restart the FillDB service.
Note:
  • This choice must be made on a deployment-wide basis; you cannot mix domain-authenticated servers with SQL-authenticated servers.
  • ReplicationUser, ReplicationPassword, and ReplicationPort must be uniquely defined in all the server registries of your DSA environment.
  • All IBM BigFix servers in your deployment must be running the same version of SQL server.