Set up the Reporting Environment

The AD Bridge reporting environment consists of multiple endpoints:

  • Admin machine: The computer that manages the domain with the BeyondTrust Management Console (BMC) and group policy extension.
  • Agent machine: The computers that generate and forward the events to the collection server.
  • Collection server: Hosts the collector and reaper services (BTEventdbreaper and BTCollector).
  • Database server: Stores all the records.

In the reporting environment, data (events) flow from the agent machine computers to the configured collection server and from there to the database server and other configured integrations. For the purposes of configuration, this guide goes in the reverse order so that dependencies are met: database server, collection server, and admin machine.

Configure the Database Server

This guide provides general guidelines on configuring SQL Server security and assumes the database administrators are already familiar with the steps required to configure logins, users, and roles.

This section provides a reference for users unfamiliar with SQL Server.

SQL Server Permissions and Roles

The steps here assume the use of SQL Server Management Studio.

  1. On the domain to which the database server instance is joined, ensure the following groups are created in Active Directory:
    • ADB_DB_Administrators
    • ADB_Collectors
    • ADB_DB_Archive_Administrators
    • ADB_Report_Viewers
    • ADB_LDBUpdate
  1. Ensure that the user has access to an SQL Server administrator account.

Set Up the Collection Server

The collector and reaper services must be installed on the collection server. Use the database utilities package (ADBridgeDBUtilities.msi) to install the following to your data collection server:

  • BTCollector: Contains RPC server code to enable the agent's forwarding service, eventfwd, to upload events to the database server by using secure, authenticated transport protocols. BTCollector runs as a Windows auto-start service and can be managed from the command line.
  • BTEventDBReaper: Copies events from the collector server to the central database. The process runs as a Windows auto-start service and can be managed from the command line. BTEventDBReaper depends on BTCollector to work properly: If BTCollector is not running, BTEventDBReaper fails.

Install Database Utilities

In earlier versions of AD Bridge, BeyondTrust provided reporting scripts on the ISO image. In AD Bridge version 10.0 and later, an ISO image is no longer created. The following scripts are now installed with the ADBridgeDBUtilities* package located in C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\Resources: CreateLikewiseEnterpriseDatabase.sql and ReportingPermissions.sql.

Run the AD Bridge Enterprise Database Utilities installer program (ADBridgeDBUtilities-x.x.x.x.msi) in C:\Program Files\BeyondTrust\PBIS\Enterprise or on your AD Bridge Enterprise installation media.

  1. Run the ADBridgeDBUtilities*.exe.
  1. Follow the install to completion.

Create the LikewiseEnterprise Database and DBReaper

After the collector and reaper services are installed, create the database using the Reporting Database Connection Manager.

SQL Server administrator rights are required for the user installing the database.

  1. From the Start menu, go to BeyondTrust > AD Bridge, and select Reporting Database Connection Manager.

AD Bridge reporting database connection dialog box

  1. Select Enable BeyondTrust AD Bridge Reporting.

 

  1. Select the SQL Server instance from the list.
  2. Select the authentication method. If you select SQL Server Authentication, enter the credentials. We recommend you use Windows Authentication as a best practice.
  3. Enter the timeout value.
  4. Click Create Database.
  5. When prompted to create roles and permissions, click Yes. The database creation and roles and permission scripts remain on the machine in the C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\Resources directory.
  6. Click OK to set the connection settings.