|
|
|
CA DLP needs two SQL Server logins that it can use to access the CMS database. These are the Primary User and Search User.
You can specify and, if required, create these users when you run the CMS installation wizard. Alternatively, you can manually create a Primary User and Search User before deploying the CMS (for example, you may want to do this as part of a native DDL script CMS installation)
This is the main CA DLP database account. The infrastructure uses this account to access the CMS database. For SQL Server databases, the primary user owns the schema.
CA DLP consoles use this database account when searching the CMS database for events. This is a secure account that is subject to row level security (RLS) when searching the database for events. This ensures that reviewers cannot see events that they are not permitted to see when they run a search. If multiple database security models are enabled on your CMS, specify a separate Search User database account for each security model.
You must specify a Search User when you install the CMS. This database account is automatically associated with the default database security model, Management Group (Standard). But if you enable additional security models on your CMS, each will require its own, unique Search User.
Note: ‘Row level security’ is a reference to event records in the relevant database tables.
Note: Both the Primary User and Search User logins must use ‘SQL Server Authentication’. You specify the authentication method in the Login Properties dialog in SQL Server Enterprise Manager.
| Copyright © 2011 CA. All rights reserved. | Email CA Technologies about this topic |