|Applies To||RSA Product Set: Netwitness Endpoint (ECAT)|
RSA Version/Condition: 4.1.x.x, 4.2.x.x
Platform (Other): SQL 2014 Standard/Enterprise, SQL 2012 Standard/Enterprise, SQL 2008 Standard/Enterprise
|Issue||It is recommended that Netwitness Endpoint and Microsoft SQL Server be installed on the same server.|
The following details the permissions requirements for Windows/Active Directory and Microsoft SQL Server when both are installed on the same server.
|Tasks||There are 4 service accounts that must have appropriate permissions, 3 folders that require configuration and SQL privileges that must be correct if Netwitness Endpoint is to function correctly. Additionally, the Files folder must be shared if you have users running the UI remotely.|
|Resolution||Example of limiting ‘sysadmin’ privileges:|
For the purpose of installing, the user will need to be sysadmin. Let’s call him Adam. Adam will then be able to login to Netwitness Endpoint UI because he is sysadmin on the DB. Adam should create another user within “Users and Roles” in the Netwitness Endpoint UI - let’s call him Bob, and add the role of ECAT Admin to him. Then we can drop the sysadmin rights from Adam. Bob can create a new user from within the ECAT UI for Adam and give him the role of ECAT Admin. These two users will then be able to add users and change roles at will. Not a single human will have sysadmin.