Procedure in the DriveLock Server Setup Wizard

Proceed as follows in the wizard:

  1. In the Welcome to the DriveLock Server Setup wizard dialog, click Next.

  2. Select the SSL/TLS certificate from the computer's certificate store in the following dialog.

    If it is an installation in a test environment, you can also have DriveLock generate a self-signed certificate. The certificate must fulfill certain requirements, see Trusted certificates.

    Please note the following:

    • In addition to HTTP communication, which uses the certificate from the certificate store, DriveLock uses an MQTT broker that requires the certificate as a file. To do so, the certificate must be exportable together with the private key.

    • If the private key cannot be exported, the wizard will inform you on the following page. You then have the option of generating a self-signed certificate for the MQTT broker.

    • If you decide to use a self-signed certificate for all communication, we recommend entering the certificate in the trusted certificates in the policy so that the communication between DES and agent is secure.

  3. In the following dialog, select the option Specify login account for DES if you want to create a new database.

    This option is selected by default if you selected the DES option when installing the server.

  4. Next, enter the connection data for the database server.

    • Here you can optionally specify a different user for database access. Windows and SQL Server authentication are possible. This data is not stored and is used exclusively for the installation or update.

      If you also want to specify the port, the Server Setup Wizard supports the following notation:
      FQDN,Port\Instance (e.g.: myDLServer,14330\SQLEXPRESS)

    • After entering the server name, click the Test connection button. If a green tick appears, the connection has been established. If there are any connection problems, these will be displayed in the area under Messages . You can then find an appropriate solution.

    • Select Install a new database as the action.

     

  5. There are several options for creating the database, depending on certain scenarios.

    • Create database:

      This option is set by default. The database is created on the SQL server. The account that performs the installation must have the appropriate permissions on the SQL server (dbcreator role). If you deselect this option, you must provide a database. The schema is then installed in this database.

    • Create database login on SQL server:

      This option is also set by default. A login is created for the DES service account. The account that performs the installation must have appropriate permissions on the SQL Server (securityadmin role).

    • Give DES service account full permission on the database (db_owner). Recommended for SQL Express:

      This option is not set by default. This gives the DES service account maximum rights to the DriveLock databases and enables it to perform tasks such as maintenance (index maintenance), cleaning up old data records and backing up the database.

      For larger environments or when operating on a full SQL server, we recommend switching this option off.

  6. Next, enter the administrative user accounts for the DriveLock management components. This is usually the DriveLock administrator who performs the installation.

     

  7. In the next dialog, specify whether you want to activate database maintenance or backup. Accept the standard options.

  8. Finally, a summary is displayed. Click Finish. The DriveLock Enterprise Service (DES) will now start automatically.