The MS SQL Server endpoint type lets you manage privileged Microsoft SQL Server accounts.
The administrative user that you specify for an MS SQL Server endpoint must:
Note: A user with the securityadmin server role cannot modify serveradmin and sysadmin server roles.
When you create endpoints of this type, provide the following information so that CA ControlMinder Enterprise Management can connect to the endpoint:
Defines the name of an administrative user of the endpoint. SAM uses this account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords.
Note the following points:
If you specify the Advanced option, SAM does not use the User Login account to perform administrative tasks. Instead, SAM uses the specified privileged account to perform administrative tasks on the endpoint.
Defines the password of the administrative user of the endpoint.
Defines the URL that CA ControlMinder Enterprise Management can use to connect to the endpoint. The URL specifies a particular type of database server.
Format: jdbc:sqlserver://servername:port
Example: jdbc:sqlserver://localhost:1433
Note: For more information on the format of the URL, see your endpoint documentation.
Defines the host name of the endpoint.
Note: If CA ControlMinder is installed on the endpoint, we recommend that you specify the CA ControlMinder host name for this attribute. You can use World View to view the CA ControlMinder host name of the endpoint.
(Optional) Specifies the server listening port number. The port number that you specify must match the port number that you specify in the URL.
Example: 1433
(Optional) Specifies the database instance name.
Specifies whether you want to use a privileged administrative account to perform administrative tasks on the endpoint, for example, to connect to the endpoint, discover accounts, and change passwords. For example, you can specify a privileged domain account that can perform administrative tasks on multiple endpoints.
If you specify this option, SAM does not use the User Login account to perform administrative tasks.
Specifies whether to disable the exclusive sessions check on this endpoint. When selected, SAM does not check for open sessions on the endpoint.
Specifies to block break-glass check-out action on exclusive accounts.
Copyright © 2013 CA Technologies.
All rights reserved.
|
|