40 Entrust ldontltyGuard 10.1 Databaso Contlguratlon Guldo Documont lssuo: 1.

0
Peport any errors or omissions
Se t t i n g u p t h e SQL Se r ve r d a t a b a se
8efore you install Entrust ldentityCuard, you must prepare the SQL Server database.
This section includes:
Preparing the SQL Server database for installation on page 40
lnstalling the Entrust ldentityCuard schema file for SQL Server on page 41
lnstalling the JD8C driver on page 44
Pemember to complete the procedures in this configuration guide before you install
Entrust ldentityCuard.
Note: When preparing an SQL Server database for Entrust ldentityCuard, keep
in mind the languages that you need to support. For international English or
non-English environments, consult your SQL Server documentation for more
information on setting the language variable.
Pr e p a r i n g t h e SQL Se r v e r d a t a b a se f or i n st a l l a t i on
Create a separate database for Entrust ldentityCuard data. This database should not
be set up with administrator (dbo) privileges.
To cr e a t e an SQL Se r ve r d at aba se an d use r a ccoun t
1 Create a database that will hold the Entrust ldentityCuard data.
When you create the schema for Entrust ldentityCuard, give it a descriptive name
such as igadmin. lf the schema does not yet exist, it will be created
automatically. lf you do not name the schema explicitly, the schema name will
default to dbo.
2 Create a database user login account (igadmin, for example) and set this user`s
default database to the database you just created.
3 Cive the user access to the new database, and permit these roles:
Note: The db_owner and db_ddladmin roles are required for adding the Entrust
ldentityCuard schema, but are not needed for normal Entrust ldentityCuard
operations. After adding the Entrust ldentityCuard schema, you can optionally
remove the db_owner and db_ddladmin roles from the database user.
public
db_owner
db_ddladmin
41 Contlgurlng an SCl Sorvor databaso
Peport any errors or omissions
db_datareader
db_datawriter
I n st a l l i n g t h e En t r u st I d e n t i t y Gu a r d sch e m a f i l e f or SQL Se r ve r
After you prepare the database, create the Entrust ldentityCuard database tables
using the applicable command file included in the Entrust ldentityCuard installation
package.
Extract the applicable archive file for your operating system. Pefer to the ntrust
IdenttyCuard InstaIIaton Cude for details.
The schema files for SQL Server are available under the IG_I0I/sql directory
included in the Entrust ldentityCuard installation package. You can access them
without installing Entrust ldentityCuard.
Pun the applicable schema file as the newly created Entrust ldentityCuard database
user.
There are three schema files to choose from:
lf you are installing a new version of Entrust ldentityCuard, use the file
sqlserver_vI0I_schema.sql.
lf you are upgrading from Entrust ldentityCuard 10.0, use the file
sqlserver_vI00_to_vI0I_upgrade.sql.
lf you are upgrading from Entrust ldentityCuard 9.3, use the file
sqlserver_v9_to_vI0I_upgrade.sql.
lf you are upgrading from Entrust ldentityCuard 9.2, use the file
sqlserver_v9?_to_vI0I_upgrade.sql.
8efore you run the schema file, you must edit it for your installation.
To e di t an d r u n t h e SQL f i l e
1 Copy the applicable schema file to a working directory on the database server.
2 pen it in an editor. lt looks likes this:
42 Entrust ldontltyGuard 10.1 Databaso Contlguratlon Guldo Documont lssuo: 1.0
Peport any errors or omissions
3 Uncomment the line USE igdb, and replace igdb with the name of the database
created for Entrust ldentityCuard.Usually, the database is named to match the
name of the user that owns the database. To uncomment, remove the dashes
and leading space ( --).
4 Save the schema file on the database server. Usually, the schema is named to
match the name of the user that owns the database.
5 Double-click the schema file.
A login prompt appears. For example:
6 Enter the user name and password of the database login account created for
Entrust ldentityCuard.
43 Contlgurlng an SCl Sorvor databaso
Peport any errors or omissions
7 Click Connect.
The schema appears in Nicrosoft SQL Server Nanagement Studio. For example:
8 Click inside the schema file (middle pane) to enable the xecute button.
9 Click xecute.
Your schema file loads.
Now, verify the schema name to which the Entrust ldentityCuard objects are
associated.
To ve r i f y t h e dat aba se sch e ma
1 pen the database.
2 View the tables. The list of tables includes the associated schema name for each
table.
3 Look for the Entrust ldentityCuard table called tokens. The associated schema
should not be dbo, that is, it should not have administrator privileges.
4 lf the schema is dbo, it probably means that the server roles were assigned while
you were creating the database user. lf the schema is dbo:
44 Entrust ldontltyGuard 10.1 Databaso Contlguratlon Guldo Documont lssuo: 1.0
Peport any errors or omissions
a Nodify the database properties to change the schema name from dbo to
igadmin (or whatever name you gave the schema above).
b Drop the Entrust ldentityCuard tables.
c Peload the Entrust ldentityCuard schema.
I n st a l l i n g t h e J DBC d r i v e r
Locate the correct JD8C driver file.
For Nicrosoft SQL Server 2005, Download and unpack the Nicrosoft SQL Server
JD8C Driver 2.0 package from
http://www.microsoft.com/downloads/details.aspx?familyid=99821865-E98F-4A6
1-8811-19912601FDC9&displaylang=en. This package contains two drivers:
sqljdbc.jar and sqljdbc4.jar.
lf you are using Tomcat or WebLogic, sqljdbc4.jar is the correct driver.
lf you are using WebSphere, sqljdbc.jar is the correct driver.
For Nicrosoft SQL Server 2008, the driver files are provided with your database
software:
lf you are using Tomcat or WebLogic, sqljdbc4.jar is the correct driver.
lf you are using WebSphere, sqljdbc.jar is the correct driver.
Place the JAP file in a location on the Entrust ldentityCuard Server where the person
installing Entrust ldentityCuard can find them during configuration.