The following steps will walk you through the setup and configuration of SQL Server 2016 Standard Edition. At the completion of this article you will have:
Open the downloaded file to start the SQL Server setup.
Select System Configuration Checker. By doing this, you'll be able to start and run a tool that analyzes your server for circumstances that might make it impossible for SQL Server to install.
After starting the tool, select Show information. An effective scan should like the one below. If you run into any problems, check through the complete report, fix the problems, then restart the scan.
When completed, click OK to go back to the "SQL Server Installation Center" window.
Select New SQL Server stand-alone installation or add features to an existing installation from the Installation menu in the "SQL Server Installation Center" window.
Click Next after inserting your product key.
Click Next after selecting the "I accept the licensing conditions" option.
The Rule Check must run first.
When you get to the "Microsoft Update" phase, check the box. If your software update procedure does not employ Microsoft's automatic updates, click Next after using Microsoft Update to check for updates (recommended).
Click Next after leaving the "Product Updates" phase at its default settings.
Allow for the "Install Setup Files" process to be finished. Make sure everything is functioning properly. When the installation is finished, click Next.
Only "Database Engine Services" is required for Secret Server out of the features listed under "Feature Selection."
You may keep all other boxes unchecked unless you're utilizing Geo-Replication. Click Next after leaving the directory locations unchanged.
In the stage under "Instance Configuration," keep "Default instance" selected.
Click Next after selecting a name (Instance ID) for your SQL Instance.
Click Next after leaving the "Server Configuration" step's default parameters unchanged
You may choose between Windows authentication mode and Mixed Mode in the Database Engine Configuration box. Choose the one that will fit your setting the best; descriptions are underneath.
If you want to use a SQL Server account to authenticate Secret Server to your SQL Server instance, you must use Mixed Mode (for easier setting). If you are putting up a test or demo setup, we advise utilizing mixed mode. You will also need to create a password for the SQL Server system administrator (sa) account if you choose this option. For information on how to add more users, go to the section below titled Adding a SQL Server User.
Windows Mode: This will block SQL Server account authentication (recommended for optimal security). Windows Mode is suggested for use in production settings. Your SQL instance's administrative access will be granted to whichever user or group is designated. Best Security Practices recommend keeping this number of users as low as feasible.
Please Note:To operate your Thycotic product's IIS Application Pool(s), you will also need to create a service account if you select Windows Mode later in the installation procedure.
Note: To manage your SQL Server database, use an Administrator account
If you want to store the database and log data on a different disk or directory, you may change the file locations in the "Data Directories" and "TempDB" tabs. Then click Next. You can keep the other tabs' choices at their default settings.
Click Install once the setup procedure reaches the "Ready to Install" phase.
Close the window after waiting for the installation to be finished, which might take some time.
When seeing the "SQL Server Installation Center" windows, go back.
When the website has finished loading, click Download SQL Server Management Studio.
Click Run when the download is done (if using Internet Explorer to download the file; if using a different browser, follow the conventions for that browser to run the file or open the download folder and run the file).
When the installation for SQL Server Management Studio launches, select Install.
Wait for the installation to complete. This might take some time. If requested to restart when installation is complete, choose Restart. If not, press Close to end the session with "SQL Server Installation Center."
If the SQL database doesn't already exist and the user account has access to build a new database, the Thycotic installer will create it for you so that you may install Secret Server or Privilege Manager (this requires the dbcreator server role).
Using SQL Server Management Studio, perform the following steps to manually build a database if you are not using the Thycotic Installer:
From the Windows Start screen, look for SQL Server Management Studio and launch it.
Link up to your SQL Server instance.
Choose New Database simply right-clicking the Databases folder.
In the Database name section, type a name for your database, and then click OK.
Reduce the number of people who have access to your SQL database as much as you can, in accordance with security best practices.
To install a SQL Server account that Secret Server may use to access the SQL database, complete these steps:
From the Windows Start screen, look for SQL Server Management Studio and launch it.
Access to your SQL Server database.
Extend the folder Security.
Right-click the Logins folder and choose New Login...
Choose an authentication method:
Authentication for SQL Server Create a new SQL Server account using this option (this requires Mixed Mode to be enabled). To prevent the account from expiring, enter a new username and password and then disable the Enforce password policy check box.
Microsoft Authentication To provide an existing Windows account access to SQL Server, use this option. Enter the login name to add the account, or click Search to find the account. Using a domain account is advised over a local Windows account.
Go to the left menu and choose User Mapping.
Click the box next to your Secret Server database.
Select the db owner check box in the Database role membership window.