Fortinet black logo

EMS Administration Guide

Installing FortiClient EMS to specify SQL Server Enterprise or Standard instance

Installing FortiClient EMS to specify SQL Server Enterprise or Standard instance

If you are using SQL Server Enterprise or Standard with FortiClient EMS, you must install FortiClient EMS using the CLI to specify the correct SQL Server instance. Ensure you have already installed and configured SQL Server Enterprise or Standard.

For FortiClient EMS installation CLI option descriptions, see Installing FortiClient EMS using the CLI.

The following SQL permissions are required when using a local or remote database:

Local existing database

This section lists the CLI commands for when FortiClient EMS and SQL Server Enterprise or Standard are installed on the same machine.

Database type

Command

Local default instance using SQL authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=<username> SQLUserPassword=<password> InstallSQL=0 ScriptDB=1 SQLServerInstance= SQLService=<instance_name> SQLCmdlineOptions="/INSTANCENAME=" DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Local default instance using local Windows authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServerInstance= SQLService=<instance_name> SQLCmdlineOptions="/INSTANCENAME=" InstallSQL=0 ScriptDB=1

Local named instance using SQL authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=<username> SQLUserPassword=<password> InstallSQL=0 ScriptDB=1 SQLServerInstance=<instance_name> SQLService=mssql$<instance_name> SQLCmdlineOptions="/INSTANCENAME=<instance_name>"

Local named instance using local Windows authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServerInstance=<instance_name> SQLService=mssql$<instance_name> SQLCmdlineOptions="/INSTANCENAME=<instance_name>" InstallSQL=0 ScriptDB=1

For example, consider installing FortiClient EMS and pointing to a local instance with the following attributes:

  • Named "database000"
  • Using SQL authentication
  • SQL username "janedoe"
  • SQL password "password123"
  • Database initial size of 31 MB
  • Database initial log size of 4 MB
  • Database growth rate of 11 MB
  • Database log growth rate of 11%
  • Database login timeout of 31 seconds
  • Database SQL query timeout of 61 seconds

The installation command for this example is as follows:

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=janedoe SQLUserPassword=password123 InstallSQL=0 ScriptDB=1 SQLServerInstance=database000 SQLService=mssql$database000 SQLCmdlineOptions="/INSTANCENAME=database000" DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Remote existing database

To create a backup directory:

Prior to installing FortiClient EMS, create a backup directory on the EMS server. The SQL Server service that is running on the EMS server and the Apache service that is running on the databaser server must both be able to access the backup directory. You must configure the backup directory as a subdirectory of a shared directory. The backup directory should be on the EMS server, not the SQL server.

  1. On the EMS server, create a shared directory.
  2. Create a backup directory inside the shared directory that you created.
  3. Right-click the shared directory and select Properties.
  4. On the Security tab, ensure all users have full control of the directory.
  5. On the Sharing tab, go to Advanced Sharing > Permissions.
  6. Ensure the following permissions are configured:
    • Services on the SQL server host have Change permissions.
    • Windows user that the services are running under has Change permissions.

Installation commands for remote existing databases

For remote instances using Windows authentication (domain user), do the following:

  1. Join the EMS and database servers to the same domain.
  2. Create a database user that maps to the domain user.
  3. In Command Prompt on the EMS server, run gpedit to open the Local Group Policy Editor.
  4. In Local Group Policy Editor, go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
  5. Double-click the Log on as a service. In the dialog, add the desired username from the Active Directory domain.

Database type

Command

Remote default or named instance using SQL authentication

FortiClientEndpointManagementServer_7.2.0.XXXX_x64.exe SQLServer=<SQL_Server_name> SQLUser=<username> SQLUserPassword=<SQL password> InstallSQL=0 ScriptDB=1 BackupDir=\\WIN-0888\Backup DB InitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Remote default or named instance using Windows authentication (domain user)

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServer=<SQL_Server_name> WindowsUser=<domain name>\<username> WindowsUserPassword=<password> InstallSQL=0 ScriptDB=1 BackupDir=<backupdirectorypath> DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

For example, consider installing FortiClient EMS and pointing to a remote named instance with the following attributes:

  • On a computer with DNS name WIN-088
  • Using Windows authentication
  • Domain name "forticlient.ca"
  • Database initial size of 31 MB
  • Database initial log size of 4 MB
  • Database growth rate of 11 MB
  • Database log growth rate of 11%
  • Database login timeout of 31 seconds
  • Database SQL query timeout of 61 seconds
  • Backup directory of \\WIN-0888\Backup

The installation command for this example is as follows. This example also includes the optional SQLEncryptConnection option:

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServer=WIN-0888 WindowsUser=forticlient.ca\janedoe WindowsUserPassword=password123 InstallSQL=0 ScriptDB=1 BackupDir=\\WIN-0888\Backup SQLEncryptConnection=no DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Installing FortiClient EMS to specify SQL Server Enterprise or Standard instance

If you are using SQL Server Enterprise or Standard with FortiClient EMS, you must install FortiClient EMS using the CLI to specify the correct SQL Server instance. Ensure you have already installed and configured SQL Server Enterprise or Standard.

For FortiClient EMS installation CLI option descriptions, see Installing FortiClient EMS using the CLI.

The following SQL permissions are required when using a local or remote database:

Local existing database

This section lists the CLI commands for when FortiClient EMS and SQL Server Enterprise or Standard are installed on the same machine.

Database type

Command

Local default instance using SQL authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=<username> SQLUserPassword=<password> InstallSQL=0 ScriptDB=1 SQLServerInstance= SQLService=<instance_name> SQLCmdlineOptions="/INSTANCENAME=" DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Local default instance using local Windows authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServerInstance= SQLService=<instance_name> SQLCmdlineOptions="/INSTANCENAME=" InstallSQL=0 ScriptDB=1

Local named instance using SQL authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=<username> SQLUserPassword=<password> InstallSQL=0 ScriptDB=1 SQLServerInstance=<instance_name> SQLService=mssql$<instance_name> SQLCmdlineOptions="/INSTANCENAME=<instance_name>"

Local named instance using local Windows authentication

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServerInstance=<instance_name> SQLService=mssql$<instance_name> SQLCmdlineOptions="/INSTANCENAME=<instance_name>" InstallSQL=0 ScriptDB=1

For example, consider installing FortiClient EMS and pointing to a local instance with the following attributes:

  • Named "database000"
  • Using SQL authentication
  • SQL username "janedoe"
  • SQL password "password123"
  • Database initial size of 31 MB
  • Database initial log size of 4 MB
  • Database growth rate of 11 MB
  • Database log growth rate of 11%
  • Database login timeout of 31 seconds
  • Database SQL query timeout of 61 seconds

The installation command for this example is as follows:

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLUser=janedoe SQLUserPassword=password123 InstallSQL=0 ScriptDB=1 SQLServerInstance=database000 SQLService=mssql$database000 SQLCmdlineOptions="/INSTANCENAME=database000" DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Remote existing database

To create a backup directory:

Prior to installing FortiClient EMS, create a backup directory on the EMS server. The SQL Server service that is running on the EMS server and the Apache service that is running on the databaser server must both be able to access the backup directory. You must configure the backup directory as a subdirectory of a shared directory. The backup directory should be on the EMS server, not the SQL server.

  1. On the EMS server, create a shared directory.
  2. Create a backup directory inside the shared directory that you created.
  3. Right-click the shared directory and select Properties.
  4. On the Security tab, ensure all users have full control of the directory.
  5. On the Sharing tab, go to Advanced Sharing > Permissions.
  6. Ensure the following permissions are configured:
    • Services on the SQL server host have Change permissions.
    • Windows user that the services are running under has Change permissions.

Installation commands for remote existing databases

For remote instances using Windows authentication (domain user), do the following:

  1. Join the EMS and database servers to the same domain.
  2. Create a database user that maps to the domain user.
  3. In Command Prompt on the EMS server, run gpedit to open the Local Group Policy Editor.
  4. In Local Group Policy Editor, go to Computer Configuration > Windows Settings > Security Settings > Local Policies > User Rights Assignment.
  5. Double-click the Log on as a service. In the dialog, add the desired username from the Active Directory domain.

Database type

Command

Remote default or named instance using SQL authentication

FortiClientEndpointManagementServer_7.2.0.XXXX_x64.exe SQLServer=<SQL_Server_name> SQLUser=<username> SQLUserPassword=<SQL password> InstallSQL=0 ScriptDB=1 BackupDir=\\WIN-0888\Backup DB InitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

Remote default or named instance using Windows authentication (domain user)

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServer=<SQL_Server_name> WindowsUser=<domain name>\<username> WindowsUserPassword=<password> InstallSQL=0 ScriptDB=1 BackupDir=<backupdirectorypath> DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61

For example, consider installing FortiClient EMS and pointing to a remote named instance with the following attributes:

  • On a computer with DNS name WIN-088
  • Using Windows authentication
  • Domain name "forticlient.ca"
  • Database initial size of 31 MB
  • Database initial log size of 4 MB
  • Database growth rate of 11 MB
  • Database log growth rate of 11%
  • Database login timeout of 31 seconds
  • Database SQL query timeout of 61 seconds
  • Backup directory of \\WIN-0888\Backup

The installation command for this example is as follows. This example also includes the optional SQLEncryptConnection option:

FortiClientEndpointManagement_7.2.0.XXXX_x64.exe SQLServer=WIN-0888 WindowsUser=forticlient.ca\janedoe WindowsUserPassword=password123 InstallSQL=0 ScriptDB=1 BackupDir=\\WIN-0888\Backup SQLEncryptConnection=no DBInitialSize=31MB DBInitialLogSize=4MB DBGrowth=11MB DBLogGrowth=11% DBLoginTimeout=31 DBQueryTimeout=61