Introduction

BPC RiskManager is a highly secure environment, so security setup of accounts is necessarily a little more involved than just starting up the database and the application.

You have four options for application server login:

1. . Use sa (SQL Server builtin systems administrator account)
2. . Use the builtin riskmanuser user account (BPC RiskManager builtin master access account)
3. . Use an account of your own choosing with administration rights.
4. . Use an account of your own choosing without administration rights.

We recommend either option 1, 2 or 3 as this makes support and configuration slightly easier, and it is alread set up for you. The easiest is to use ‘sa’ to access the database from the application server – if you are doing this you can skip the rest of this step BUT the username and password will be stored in the registry on the application server. In a similar vein, you can create another account with systems administration rights (option 3) with the same drawback as using “sa” and the added burden of having to create the account in the first place. The advantage of using a systems administration level account is that you do not need to do anything about access rights for the database itself.

The generally preferred approach is option 2, using the built in user access account (or similar) with more restricted rights than ‘sa’. The rest of this step assumes you are using riskmanuser as the database login account. As the client components never access the database directly, the database access account is only used by the application server and the database never needs to be surfaced to any computer other than the application server, and the surveymanager host.

The databases ship with the “riskmanuser” and “mailmanager” user ids already created (the actual accounts may vary in your version - refer to the documentation shipped with your application) so if you use those ids you will find future administration easier. These accounts have highly restricted rights (less than a normal user) and are therefore the preferred option.

Creating a Database Login Account in SQL Server 2005 & Express

1. . Open Management Studio (SQL 2005/SQL Express) or Enterprise Manager (SQL 2000)
2. . Expand the folder with corresponding to the name of your computer
3. . Right click on the “Security” folder and choose “New Login”
   
   
   
   
4. . Select “SQL Server Authentication”
5. . Enter “riskmanuser” in the login name box
6. . Enter your desired password and confirm the password
7. . Write the password down somewhere handy as you will need it again soon.
8. . Un-check “Enforce password expiration”
9. . Un-check “User Must Change Password at Next Login”
   
   
   
   
10. . Select “OK:

Repeat the process for the MailManager account if you will be using a separate restricted mail account for the mailing system (optional)

NOTE: Do not assign any additional roles or rights to the account at this stage.

BackLinks

• Instaling BPC RiskManager Database on SQL Server 2005 or SQL Express