Difference between revisions of "BCX Network Management Tools Installation Assistant"
m (→DNS) |
m (→SQL) |
||
Line 71: | Line 71: | ||
===SQL=== | ===SQL=== | ||
+ | |||
+ | ====New SQL==== | ||
+ | |||
+ | The server service requires an SQL database to store all of it's information. | ||
+ | This can either be an SQL Express instance for small sites and for testing or a full Standard or Enterprise installation. | ||
+ | If you use an Express instance for testing this can later be upgraded to a full Standard or Enterprise edition. | ||
+ | SQL Express downloads as a single executable file. This is the file that the Installation Assistant will need to install SQL. | ||
+ | Using a Standard or Enterprise edition comes as an ISO image or on a DVD. The executable that the Installation Assistant uses is the setup.exe on the root of the disc. | ||
+ | |||
+ | You can set a custom instance name if required for any reason but otherwise the default BCXSQL is fine. | ||
+ | |||
+ | |||
+ | ====Existing SQL==== | ||
+ | |||
+ | If you choose to use an existing SQL instance we recommend using a dedicated instance, and there are some specific requirements needed for the server service to run. | ||
+ | The SQL instance must have the Domain Admins group added to the security section of SQL server and database security mapping for the SYSTEM account. | ||
+ | This can be done by using the SQL Server Management Studio, expanding the Security section, right clicking Logins, and clicking New Login... | ||
+ | |||
+ | Image of SQL Management - New login | ||
+ | |||
+ | With the New Login box open, click Search. | ||
+ | Click Object Types... and click the Groups check box, press ok. Click Locations... and choose Entire Directory and press OK. | ||
+ | |||
+ | Image of search | ||
+ | |||
+ | Type Domain Admins in the bottom box and click Check Names. This should underline Domain Admins. Press OK. | ||
+ | Click User Mapping and put a tick in the tickbox next to bcxdb database. | ||
+ | In the bottom section of the window, tick the boxes for the options db_datareader and db_datawriter. Press OK. | ||
+ | |||
+ | Image of Login Properties Domain\Domain Admins | ||
+ | |||
+ | Back in SQL Management, in the list of Logins, find the user NT AUTHORITY\SYSTEM. Right click and go to properties. | ||
+ | |||
+ | Image of Login Properties NT Authority | ||
+ | |||
+ | Go to User Mapping and in the bottom section of the window, tick the boxes for the options db_backupoperator, db_datareader, db_datawriter and db_ddladmin. | ||
+ | Press OK. | ||
+ | |||
+ | This is to allow all Domain Admin users to access the manager, and the server service and backup utility to access the SQL database. | ||
+ | |||
+ | The username and password given during the installation must have access to be able to create the BCX database and restore the data from a file. | ||
===Update and Backup=== | ===Update and Backup=== |
Revision as of 12:22, 4 December 2020
Use the links below for details of installer steps during use of the Installation Assistant.
Contents
Prerequisites
Version 4 requires .NET 4.7.2 or later.
If this is not installed, the Installation Assistant will try and make this easier by offering to automate the process if the check fails. All that is needed is the install media relevant to the edition of Windows Server that you are installing the BCX Management Tools on. Once mounted, it can be browsed to and the Installation Assistant will add the feature for you.
Packages
The client service runs under the context of the local computer SYSTEM account. When installing packages from a package task, the installer is ran within the same context as the client service. For this reason, when the computer authenticates itself against the shared package location, the computer account needs permission to access the shared location. When creating a new location this is done automatically, when using an existing location these options can be set manually or the Installation Assistant can attempt to change them for you. Below is an example of the security permissions set correctly on the folder.
Image of security rights
If you don't already have an existing central packages location, or want to start a new collection of software, the location can exist on the new BCX Management Server. Otherwise use your existing location if you already deploy software in a similar fashion.
Active Directory
The server service requires information to be able to make a synced copy of data from Active Directory. The manager can see a live version of Active Directory Users and Computers from within the Users and Computers tab. Station Information and User Information that is stored is used to match client requests from workstations rather than querying Active Directory each time therefore causing substantial load on Domain Controllers and potential security issues from direct client access.
Because of the load that is put on the server service and the Domain Controller during the sync, the sync time by default it set to 30 minutes. This usually does not cause any problems with resource deployment, unless users are moved in short succession during testing. In which instance there is a manual sync option.
It is completely understandable that most people running a trial of the software will want to create a temporary OU structure to see the tools in use before committing it to your production network layout. The initial setup is flexible and the OU locations or names can be changed so it is possible to link it to an existing OU structure at a later date or migrate objects to the new structure. This is something that should be carried out with the help of Burconix Support.
Image of BCX Tools U&C
Wake on LAN
DNS
There is 1 DNS record that the management services require in order to work. The record is a CNAME for the BCX Management Server called BCXMaster. This is to enable flexibility within your environment so that users aren't forced to use the same server name and you can follow a specific naming convention. All client services use this DNS record to communicate with the server.
The Installation Assistant will create the record for you in the correct DNS Domain Name zone if you would like it to, otherwise you can create the entry yourself as follows.
Image of DNS - New Alias
Open DNS management on a domain controller. Find the relevant DNS zone. Right click in an empty space in the right hand pane, and select New Alias (CNAME)...
Image of New Record
In the new record box, type an Alias Name of bcxmaster and click Browse.
Image of New Record - browse
Browse the DNS zone to find the server name of the server that the BCX Server Service will reside on.
Press ok, and advance the Installation Assistant to check the record exists.
SQL
New SQL
The server service requires an SQL database to store all of it's information. This can either be an SQL Express instance for small sites and for testing or a full Standard or Enterprise installation. If you use an Express instance for testing this can later be upgraded to a full Standard or Enterprise edition. SQL Express downloads as a single executable file. This is the file that the Installation Assistant will need to install SQL. Using a Standard or Enterprise edition comes as an ISO image or on a DVD. The executable that the Installation Assistant uses is the setup.exe on the root of the disc.
You can set a custom instance name if required for any reason but otherwise the default BCXSQL is fine.
Existing SQL
If you choose to use an existing SQL instance we recommend using a dedicated instance, and there are some specific requirements needed for the server service to run. The SQL instance must have the Domain Admins group added to the security section of SQL server and database security mapping for the SYSTEM account. This can be done by using the SQL Server Management Studio, expanding the Security section, right clicking Logins, and clicking New Login...
Image of SQL Management - New login
With the New Login box open, click Search. Click Object Types... and click the Groups check box, press ok. Click Locations... and choose Entire Directory and press OK.
Image of search
Type Domain Admins in the bottom box and click Check Names. This should underline Domain Admins. Press OK. Click User Mapping and put a tick in the tickbox next to bcxdb database. In the bottom section of the window, tick the boxes for the options db_datareader and db_datawriter. Press OK.
Image of Login Properties Domain\Domain Admins
Back in SQL Management, in the list of Logins, find the user NT AUTHORITY\SYSTEM. Right click and go to properties.
Image of Login Properties NT Authority
Go to User Mapping and in the bottom section of the window, tick the boxes for the options db_backupoperator, db_datareader, db_datawriter and db_ddladmin. Press OK.
This is to allow all Domain Admin users to access the manager, and the server service and backup utility to access the SQL database.
The username and password given during the installation must have access to be able to create the BCX database and restore the data from a file.
Update and Backup
Group Policy
Return to Installation Guide