Tasks of the DriveLock Server Setup wizard

After installing the server (also known as MSI setup), the DriveLock Server Setup wizard starts automatically. After an update, the wizard only starts on the central DES to update the database.

Proceed as follows in the wizard:

  1. In the Welcome to the DriveLock Server Setup wizard dialog, click Next.

  2. Select the SSL/TLS certificate in the following dialog.

    Please note that this page is only displayed for a new installation.

    Select a certificate from the computer's certificate store. When updating, DriveLock continues to use the previous certificate. If it is an installation in a test environment, you can also have DriveLock generate a self-signed certificate. The certificate must fulfill certain requirements, see Trusted certificates.

    Please note the following:

    • In addition to HTTP communication, which uses the certificate from the certificate store, DriveLock uses an MQTT broker that requires the certificate as a file. To do so, the certificate must be exportable together with the private key.

    • If the private key cannot be exported, the wizard will inform you on the following page. You then have the option of generating a self-signed certificate for the MQTT broker.

    • If you decide to use a self-signed certificate for all communication, we recommend entering the certificate in the trusted certificates in the policy so that the communication between DES and agent is secure.

    The following pages are only displayed on central DES to set up or update the database:

  3. In the following dialog, select the option Specify login account for DES if you want to create a new database.

    It is the default option if you chose the DES option when installing the server.

    Information on creating a linked DES can be found here.

  4. Next, specify the connection details for the database server.

    • Here you can optionally specify a different user for database access. Windows and SQL Server authentication are possible. This data is not stored and is used exclusively for the installation/update.

      If you want to specify the port, the database installation wizard supports the following notation:
      FQDN,Port\Instance (e.g.: myDLServer,14330\SQLEXPRESS)

    • After entering the server name, click the Test connection button. The connection is established when the green check mark appears. If connection issues occur, they will be displayed in the area under Messages. You can then find an appropriate solution.

    • Select Install a new DriveLock database as installation action.

     

  5. There are several solutions for creating the database, based on different scenarios.

    • Create database:

      This option is set by default. The database is created on the SQL server. The account performing the installation must have appropriate permissions on the SQL Server (dbcreator role). If you deselect this option, you must provide a database. The schema is then installed into this database.

    • Create database login on SQL Server:

      This option is also set by default. A login is created for the service account of the DES. The account performing the installation must have appropriate permissions on the SQL Server (securityadmin role).

    • Give DES service account full permission on the database (db_owner). Recommended for SQL Express:

      This option is not set by default. It gives the DES service account maximum rights to the DriveLock databases, allowing it to perform tasks such as maintenance (index maintenance), cleaning up old records and backing up the database.

      For larger environments or when running on a full SQL Server, we recommend disabling this option.

  6. Next, specify the administrative user accounts for the DriveLock management components. This is usually the DriveLock administrator who will be used to run the installation.

     

  7. In the next dialog, specify whether you want to enable database maintenance or backup. Accept the default options.

  8. The last thing you will see is a summary. Click Finish.