Cisco Unified MeetingPlace, Release 7.0 -- How to Create and Use a Least-Privileged SQL Account for Web Conferencing
Main page: Cisco Unified MeetingPlace, Release 7.0
Up one level: Configuration
By default, the Cisco Unified MeetingPlace Web Conferencing installer suggests using the SQL built-in sa administrator account as the SQL Server user name. Often, a strong password for the sa account is sufficiently secure to protect your system from unauthorized access. However, if you do not want to continue to use a SQL account that has full administration rights after the installation is complete, you can create a SQL account with minimal privileges that is dedicated for use with Cisco Unified MeetingPlace Web Conferencing, and configure the Web Server to use this account.
Complete the following procedures in the order shown to create and use a least-privileged SQL account:
Creating a Least-Privileged SQL Account for Web Conferencing
Caution! If you choose to create a SQL account that is dedicated for use with Cisco Unified MeetingPlace Web Conferencing, ensure that it meets all the specified database role requirements in this procedure. Failure to do so can cause a database connection failure between the web conferencing application and the SQL Server and result in a total outage or broken features.
Note: If Cisco TAC determines that your SQL account does not meet requirements, you will be asked to reconfigure your SQL account and to delete any existing Cisco Unified MeetingPlace Web Conferencing database so that a new database can be created once the account problem is remedied.
- Open the SQL Server Enterprise Manager and create a new login:
- On the Start menu, click Programs > SQL Server 2000 > Enterprise Manager.
- Click a server group to expand it, then click the name of a server.
- Click Security > New Login.
- The SQL Server Login Properties window displays.
- Enter a name for the login on the General tab.
- Click SQL Server Authentication.
- Enter a password for the account.
- Click MPWEB from the Database drop-down menu to set the MPWEB database as the default database.
- Click the Database Access tab.
- Specify the database roles for the MPWEB database:
- Check the MPWEB database in the Databases table.
- Check the boxes for the following roles in the Database Roles table:
- Repeat Step 7 for each additional MPWEB slave database.
- The slave databases have names that begin with "MPWEB_". Depending on your deployment, your SQL Server will have either one or two slave databases.
- Click OK to complete the account configuration.
Updating SQL Account Access from the MeetingPlace Gateway Configurations Utility
The MeetingPlace Gateway Configurations utility allows you to update the Web Server with the least-privileged SQL login account that you have already created. It does not create a SQL Server login or update the SQL Server for you.
Before You Begin
Change the username and password on SQL Server. See Creating a Least-Privileged SQL Account for Web Conferencing for instructions.
- Stop the Cisco Unified MeetingPlace Web Conferencing Service.
- Open the MeetingPlace Gateway Configurations utility.
- Click the Web Conferencing tab.
- Enter the hostname or IP address of the SQL Server that you want to update in the Server field.
- Enter local for a local server.
- Enter the username and password that you applied to the SQL Server.
- Click OK.
- Restart the Cisco Unified MeetingPlace Web Conferencing Service.
NOTE: When you restart the Web Server, all manual changes made to the registry are lost.