Article Number: 000198727
Interactive service accounts are required for Dell Security Management Server. Dell Security Management Server or Dell Security Management Server Virtual performs Active Directory authentication by using an interactive service account. Dell Security Management Server instances may require a separate interactive service account if Windows-based authentication is performed to a Microsoft SQL server for database access. For more information, select the requirements for Active Directory Interactive Service Accounts or for Microsoft SQL Interactive Service Accounts.
The account that is being defined per-domain within the Dell Security Management Server or Dell Security Management Server Virtual must comply to the following:
Dell Security Management Server and Dell Security Management Server Virtual leverage a defined Active Directory account. This is used to log in as the user provided by an endpoint running Dell Encryption. This validates the Active Director credentials that the user has logged into the endpoint with.
An interactive login is performed by the configured Active Directory account in the domain settings on the Dell Security Management Server. This login presents the user to validate to Active Directory, along with a password token for validation.
These functions take place within the Dell Security Server Service in v9.1.5 and later. In v9.1.0 and earlier, the Dell Compatibility Server processed these requests.
The Dell Security Management Server leverages a Microsoft SQL server for data storage, which can be configured to authenticate with a Windows-based account. If a Windows-based account is leveraged, a few items are required:
Action | Scenario | SQL Privilege Required |
---|---|---|
Upgrade | Upgrades already have database and user established | db_owner |
Restore Install | Restore an existing database and login | db_owner |
New Install | Using an existing database | db_owner |
New Install | Creating a database | dbcreator , db_owner |
New Install | Using an existing login | db_owner |
New Install | Creating a login | securityadmin |
Normal Operation | Permissions needed for normal operation | db_owner |
These folders are written to by Dell Security Management Server services using the SQL service account:
D:\Program Files\Dell\Enterprise Edition\ACL Service\ D:\Program Files\Dell\Enterprise Edition\Compatibility server\ D:\Program Files\Dell\Enterprise Edition\Compliance Reporter D:\Program Files\Dell\Enterprise Edition\Core Server D:\Program Files\Dell\Enterprise Edition\Message Broker\ D:\Program Files\Dell\Enterprise Edition\Key Server D:\Program Files\Dell\Enterprise Edition\Security Server\
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.
Dell Encryption
26 Oct 2023
4
How To