Implementation Guide › Installing the Enterprise Management Server › How to Prepare the Enterprise Management Server › Prepare the Central Database for Enterprise Management

Prepare the Central Database for Enterprise Management

CA Access Control Enterprise Management requires a relational database management system (RDBMS). Set this up before you install CA Access Control Enterprise Management.

You have two options for setting up your database to work with CA Access Control Enterprise Management:

• Prepopulate the central database using deployment scripts CA Access Control provides.

  Using this option, you separate between database preparation and CA Access Control Enterprise Management installation. The database administrator can review and control the changes CA Access Control makes to the database.

• Let CA Access Control Enterprise Management prepare the central database during installation.

  Using this option, the CA Access Control Enterprise Management installation populates the database as part of the installation process.

Follow these steps:

1. If you do not already have one, install a supported RDBMS as the central database.

   Note: For a list of supported RDBMS software, see the Release Notes.

2. Configure the RDBMS for CA Access Control Enterprise Management:

   Verify that the database can be accessed locally and from a remote client.

   • For Oracle, perform the following steps:
   1. Create a user for the central database. This user must have the following permissions and settings:
      • Roles: CONNECT, RESOURCE
      • System Privileges: ALTER SESSION, CREATE CLUSTER, CREATE DATABASE LINK, CREATE SEQUENCE, CREATE SESSION, CREATE SYNONYM, CREATE TABLE, CREATE VIEW, CREATE INDEXTYPE, CREATE OPERATOR, CREATE PROCEDURE, CREATE TRIGGER, CREATE TYPE, SELECT ANY DICTIONARY, UNLIMITED TABLESPACE
   2. Enter the following commands to increase the number of connections to the database:

      ALTER SYSTEM SET transactions=275 SCOPE=SPFILE
      

      ALTER SYSTEM SET sessions=250 SCOPE=SPFILE
      

      ALTER SYSTEM SET processes=200 SCOPE=SPFILE
      

   • For SQL Server:
     • Create a new case-insensitive database.

       The database must have the sort order SQL_Latin1_General_CP1_CI_AS.

     • Create a user, make the new database the default database of the user, and assign the following privileges: DBCREATOR, SYSADMIN
3. (Optional) Prepopulate the central database using the deployment scripts CA Access Control provides.
   1. Customize the deployment scripts before you deploy them.

      The deployment scripts define four default user accounts that CA Access Control Enterprise Management uses (superadmin, selfreguser, neteautoadmin, [default user]). You can change the names of these default accounts and their passwords.

      Important! Customize the scripts only if you plan to use the embedded user store. If you use Active Directory, CA Access Control Enterprise Management does not store account information in the central database.

   2. Deploy the deployment scripts.
   3. Configure the database user that you use for CA Access Control Enterprise Management installation.
      • For Oracle, keep the CONNECT and RESOURCE roles for the user you created.
      • For SQL Server, create a user, select the database that you created earlier as the default, map the user to the database, and set the following permissions: CONNECT.SELECT, INSERT, DELETE, UPDATE, EXECUTE.