Set up the Reporting Environment

The AD Bridge reporting environment consists of multiple endpoints:

  • Admin machine: The computer that manages the domain with the BeyondTrust Management Console (BMC) and group policy extension.
  • Agent machine: The computers that generate and forward the events to the collection server.
  • Collection server: Hosts the collector and reaper services (BTEventdbreaper and BTCollector).
  • Database server: Stores all the records.

In the reporting environment, data (events) flow from the agent machine computers to the configured collection server and from there to the database server and other configured integrations. For the purposes of configuration, this guide goes in the reverse order so that dependencies are met: database server, collection server, and admin machine.

Configure the Database Server

This guide provides general guidelines on configuring SQL Server security and assumes the database administrators are already familiar with the steps required to configure logins, users, and roles.

This section provides a reference for users unfamiliar with SQL Server.

SQL Server Permissions and Roles

These steps assume the use of SQL Server Management Studio:

  1. On the domain to which the database server instance is joined, ensure the following groups are created in Active Directory:
    • ADB_DB_Administrators
    • ADB_Collectors
    • ADB_DB_Archive_Administrators
    • ADB_Report_Viewers
    • ADB_LDBUpdate
  2. Ensure that the user has access to an SQL Server administrator account.

Set Up the Collection Server

The collector and reaper services must be installed on the collection server. Use the database utilities package (ADBridgeDBUtilities.msi) to install the following to your data collection server:

  • BTCollector: Contains RPC server code to enable the agent's forwarding service, eventfwd, to upload events to the database server by using secure, authenticated transport protocols. BTCollector runs as a Windows auto-start service and can be managed from the command line.
  • BTEventDBReaper: Copies events from the collector server to the central database. The process runs as a Windows auto-start service and can be managed from the command line. BTEventDBReaper depends on BTCollector to work properly: If BTCollector is not running, BTEventDBReaper fails.

BTEventDBReaper generates logs in the following directory: C:\Program Data\BeyondTrust\logging and is configurable using nlog.conf file found in C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\nlog.config.

Install Database Utilities

The following scripts are now installed with the ADBridgeDBUtilities* package located in C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\Resources: CreateLikewiseEnterpriseDatabase.sql and ReportingPermissions.sql.

To install the database utilities:

  1. Run the AD Bridge Database Utilities installer program (ADBridgeDBUtilities-x.x.x.x.msi)
  2. Follow the install to completion.

Create the LikewiseEnterprise Database and DBReaper

After the collector and reaper services are installed, create the database using the Reporting Database Connection Manager.

SQL Server administrator rights are required for the user creating and installing the database.

  1. From the Start menu, go to BeyondTrust > AD Bridge, and select Reporting Database Connection Manager.

Alternatively, you can run the tool from the command line: C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\bteventdbreaper /gui.

  1. Select Enable BeyondTrust AD Bridge Reporting.
  2. Select the SQL Server\Instance from the list.
  3. Select the authentication method. We recommend you use Windows Authentication as a best practice. If you select SQL Server Authentication, enter the credentials.
  4. Enter the Timeout value.
  5. Click Test Connection to confirm that the permissions are correct.
  6. Click Create Database.
  7. When prompted to create roles and permissions, click Yes. The database creation and roles and permission scripts remain on the machine in the C:\Program Files\BeyondTrust\PBIS\Enterprise\DBUtilities\Resources directory.
  8. Click OK to set the connection settings.

 

You can also create the database from the BeyondTrust Console (see Set up the Admin Machine).