If the service account does not have sufficient privileges, before running the Knowledge Script, set up SQL authentication with AppManager Security Manager.
On the Custom tab in Security Manager, complete the following fields:
|
Field |
Description |
|---|---|
|
Label |
sql$<agent server name> For example, if your agent server name is SERVER1TEST, you would type sql$SERVER1TEST. IMPORTANT:The server name must be specified in the NetBIOS format only. |
|
Sub-label |
SQL user name that exists in the QDB. |
|
Value 1 |
Password for the user entered in the Sub-Label field. |
|
Value 2 |
Leave this field blank. |
|
Value 3 |
Leave this field blank. |
|
Extended application support |
Required field. Encrypts the user name and password in Security Manager. Do not leave this option unselected. |
NOTE:To discover or monitor the QDB and CCDB roles on a cluster instance, you must configure Security Manager on all cluster nodes.
When you want to discover the management server, use the SQL user name used above for the SQL Server login parameter of the Discovery_AMHealth Knowledge Script. For more information about discovering AM Health resources, see Section 2.5, Discovering AppManager Resources for Windows.
If an agent is not installed on the QDB, and the NetIQ Client Resource Monitor (netiqmc) service accounts on the management server do not have sufficient rights to access the QDB, configure the NetIQ services with a Windows account that has access to the QDB. Otherwise, configure the Discovery_AMHealth Knowledge Script to use SQL authentication by typing a SQL user name in the SQL Server login parameter for Discovery_AMHealth. For example, sql$<management server name>.
For example, if your management server name is SERVER1TEST, you would type sql$SERVER1TEST.
If an agent is not installed on the Control Center repository (NQCCDB), and the netiqmc service accounts on the NetIQ Command Queue Server do not have sufficient rights to access the NQCCDB, configure the NetIQ service accounts with a Windows account that has access to the NQCCDB. Otherwise, configure the Discovery_AMHealth Knowledge Script to use SQL authentication. For example, sql$<command queue server>.
For example, if your command queue server name is SERVER1TEST, you would type sql$SERVER1TEST.
If an agent is installed on QDB or NQCCDB, and the netiqmc service accounts on the NetIQ Command Queue Server do not have sufficient rights to access QDB or NQCCDB, you can configure SQL user of the agent in AppManager Security Manager to monitor the health and availability of AppManager components. For example, sql$<agent server name>.
For example, if your agent server name is SERVER1TEST, you would type sql$SERVER1TEST.
You can also use the AppManager Security Manager configuration listed above to monitor the health of a management server that is in an untrusted domain from your AppManager installation. Use a SQL Server user to allow the AM Health Knowledge Scripts on the management server in the untrusted domain to communicate with the QDB on the SQL Server. You cannot use Windows authentication, because the SQL Server will not be aware of any users that belong to the untrusted domain.