deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-27 20:57:23 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity
windows-itpro-docs/mdop/mbam-v25/how-to-configure-the-mbam-25-databases.md
Duncan Mackenzie ca5b28b334 Fixing insecure links to microsoft.com
2018-08-28 11:41:12 -07:00

11 KiB
Raw Blame History

title, description, author, ms.assetid, ms.pagetype, ms.mktglfcycl, ms.sitesec, ms.prod, ms.date
title description author ms.assetid ms.pagetype ms.mktglfcycl ms.sitesec ms.prod ms.date
How to Configure the MBAM 2.5 Databases How to Configure the MBAM 2.5 Databases jamiejdt 66e1c81b-f785-4398-9175-bb5f112c2a35 mdop, security manage library w10 06/16/2016

How to Configure the MBAM 2.5 Databases

This topic explains how to configure the Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 Compliance and Audit Database and the Recovery Database by using:

  • A Windows PowerShell cmdlet

  • The MBAM Server Configuration wizard

The instructions are based on the recommended architecture in High-Level Architecture for MBAM 2.5.

Before you start the configuration:

Step Where to get instructions

Review the recommended architecture for MBAM.

[High-Level Architecture for MBAM 2.5](high-level-architecture-for-mbam-25.md)

Review the supported configurations for MBAM.

[MBAM 2.5 Supported Configurations](mbam-25-supported-configurations.md)

Complete the required prerequisites on each server.

  • [MBAM 2.5 Server Prerequisites for Stand-alone and Configuration Manager Integration Topologies](mbam-25-server-prerequisites-for-stand-alone-and-configuration-manager-integration-topologies.md)

  • [MBAM 2.5 Server Prerequisites that Apply Only to the Configuration Manager Integration Topology](mbam-25-server-prerequisites-that-apply-only-to-the-configuration-manager-integration-topology.md) (if applicable)

Install the MBAM Server software on each server where you plan to configure an MBAM Server feature.

Note  

You can install the databases to a remote SQL Server computer by using Windows PowerShell or an exported data-tier application (DAC) package. For more information about DAC packages, see [Data-tier Applications](https://technet.microsoft.com/library/ee210546.aspx).

 

[Installing the MBAM 2.5 Server Software](installing-the-mbam-25-server-software.md)

Review the prerequisites for using Windows PowerShell if you plan to use Windows PowerShell cmdlets to configure MBAM Server features.

[Configuring MBAM 2.5 Server Features by Using Windows PowerShell](configuring-mbam-25-server-features-by-using-windows-powershell.md)

 

To configure the databases by using Windows PowerShell

  1. Before you start the configuration, see Configuring MBAM 2.5 Server Features by Using Windows PowerShell to review the prerequisites for using Windows PowerShell.

  2. Use the Enable-MbamDatabase Windows PowerShell cmdlet to configure the databases. To get information about this Windows PowerShell cmdlet, type Get-Help Enable-MbamDatabase.

To configure the Compliance and Audit Database by using the wizard

  1. On the server where you want to configure the databases, start the MBAM Server Configuration wizard. You can select MBAM Server Configuration from the Start menu to open the wizard.

  2. Click Add New Features, select Compliance and Audit Database and Recovery Database, and then click Next. The wizard checks that all prerequisites for the databases have been met.

  3. If the prerequisite check is successful, click Next to continue. Otherwise, resolve any missing prerequisites, and then click Check prerequisites again.

  4. Using the following descriptions, enter the field values in the wizard:

    Field Description

    SQL Server name

    Name of the server where you are configuring the Compliance and Audit Database.

    Note  

    You must add an exception on the Compliance and Audit Database computer to enable inbound traffic on the Microsoft SQL Server port. The default port number is 1433.

     

    SQL Server database instance

    Name of the database instance where the compliance and audit data will be stored. You must also specify where the database information will be located.

    Database name

    Name of the database that will store the compliance data.

    Note  

    If you are upgrading from a previous version of MBAM, you must use the same database name as the name that was used in your previous deployment.

     

    Read/write access domain user or group

    Domain user or group that has read/write permission to this database to enable the web applications to access the data and reports in this database.

    If you enter a user in this field, it must be the same value as the value in the Web service application pool domain account field on the Configure Web Applications page.

    If you enter a group in this field, the value in the Web service application pool domain account field on the Configure Web Applications page must be a member of the group you enter in this field.

    Read-only access domain user or group

    Name of the user or group that will have read-only permission to this database to enable the reports to access the compliance data in this database.

    If you enter a user in this field, it must be the same user as the one you specify in the Compliance and Audit Database domain account field on the Configure Reports page.

    If you enter a group in this field, the value that you specify in the Compliance and Audit Database domain account field on the Configure Reports page must be a member of the group that you specify in this field.

     

  5. Continue to the next section to configure the Recovery Database.

To configure the Recovery Database by using the wizard

  1. Using the following descriptions, enter the field values in the wizard:

    Field Description

    SQL Server name

    Name of the server where you are configuring the Recovery Database.

    Note  

    You must add an exception on the Recovery Database computer to enable inbound traffic on the Microsoft SQL Server port. The default port number is 1433.

     

    SQL Server database instance

    Name of the database instance where the recovery data will be stored. You must also specify where the database information will be located.

    Database name

    Name of the database that will store the recovery data.

    Note  

    If you are upgrading from a previous version of MBAM, you must use the same database name as the name that was used in your previous deployment.

     

    Read/write access domain user or group

    Domain user or group that has read/write permission to this database to enable the web applications to access the data and reports in this database.

    If you enter a user in this field, it must be the same value as the value in the Web service application pool domain account field on the Configure Web Applications page.

    If you enter a group in this field, the value in the Web service application pool domain account field on the Configure Web Applications page must be a member of the group you enter in this field.

     

  2. When you finish your entries, click Next.

    The wizard checks that all prerequisites for the databases have been met.

  3. If the prerequisite check is successful, click Next to continue. Otherwise, resolve any missing prerequisites, and then click Next again.

  4. On the Summary page, review the features that will be added.

    Note   To create a Windows PowerShell script of the entries that you just made, click Export PowerShell Script, and then save the script.

     

  5. Click Add to add the MBAM databases on the server, and then click Close.

Related topics

Server Event Logs

Configuring the MBAM 2.5 Server Features

How to Configure the MBAM 2.5 Reports

How to Configure the MBAM 2.5 Web Applications

Validating the MBAM 2.5 Server Feature Configuration

 

Got a suggestion for MBAM?