Previous Topic: CA DataMinder Server RequirementsNext Topic: Manually Create a SQL Server Login

Database GuideSQL Server GuidelinesSQL Server Logins

SQL Server Logins

CA DataMinder needs two SQL Server logins that it can use to access the CMS database. These are the Primary User and Search User.

You can specify and, if required, create these users when you run the CMS installation wizard. Alternatively, you can manually create a Primary User and Search User before deploying the CMS (for example, you may want to do this as part of a native DDL script CMS installation)

Primary User

This is the main CA DataMinder database account. The infrastructure uses this account to access the CMS database. For SQL Server databases, the primary user owns the schema.

Search Users

CA DataMinder consoles use this database account when searching the CMS database for events. This is a secure account that is subject to row level security (RLS) when searching the database for events. This ensures that reviewers cannot see events that they are not permitted to see when they run a search. If multiple database security models are enabled on your CMS, specify a separate Search User database account for each security model.

You must specify a Search User when you install the CMS. This database account is automatically associated with the default database security model, Management Group (Standard). But if you enable additional security models on your CMS, each will require its own, unique Search User.

Note: ‘Row level security’ is a reference to event records in the relevant database tables.

Unrestricted Search User

This database account corresponds to the 'Unrestricted' security model. CA DataMinder consoles and external reporting tools can use this database account when searching the CA DataMinder Data Warehouse and CMS database for events. Unlike normal Search User database accounts, the Unrestricted Search User is not subject to row level security (RLS) when searching the database. If a reviewer has 'Unrestricted' security model, the reviewer can see any events when they run a search or report. Search results or reports are not restricted by policy class or the reviewer’s management group.

You specify the Unrestricted Search User if you enable data warehousing when installing a CMS.

Reporting User

External reporting applications (such as BusinessObjects Enterprise) use this database account to connect to the Data Warehouse and CMS database.

You specify the Reporting User if you enable data warehousing when installing a CMS.

Note: The Primary User and Search User logins must use ‘SQL Server Authentication’. You specify the authentication method in the Login Properties dialog in SQL Server Enterprise Manager.