Configure Windows Authentication to the Database
As a security best practice for PCI DSS compliance, use Windows authentication for database access.
For more information, please see Database Permissions Matrix.
Change Database Authentication
You can set up Windows authentication on your SQL Server database.
- Log in to SQL Server.
- Create a SQL Server login, such as Domain\RemoteServerName$.
- Go to the properties for the new login, and create a user mapping to the BeyondInsight database and the REM3Admins role.
SQL Server 2012
In an environment where SQL Server 2012 and BeyondInsight are installed on different servers, SQL Server uses Domain\MachineName$ for Windows authentication.
However, when SQL Server 2012 and BeyondInsight are on the same server, SQL Server must use NT AUTHORITY\NETWORK SERVICE for Windows authentication. This account is not created by default on SQL Server 2012. You must therefore create the NT AUTHORITY\NETWORK SERVICE account in SQL Server before changing the authentication mode. Permissions assigned on the BeyondInsight database must include db_owner and REM3Admins, a custom role created by the installer.