Manually Configure SQL Server Permissions

The Recast Management Server requires a SQL Server version 4.0 or higher. A fully licensed version of SQL is strongly recommended to avoid the 10GB storage limitation of SQLExpress. 

The account installing Recast Management Server will need SysAdmin permission in the SQL instance to create the database. After the database is created, the SysAdmin privilege can be removed. If the account running the installation has permissions to remotely connect, the Test SQL Connection button can verify connectivity to the SQL Server.

If the account running the Recast Management Server installer does not have access to create a SQL database, you can pre-create the Recast Management Server database and assign permissions manually. There are two users that will need to be assigned permissions in SQL: the computer account and the IIS AppPool\Recast Management Server account.

NOTE: The IIS AppPool\Recast Management Server account will not exist until after the installation is finished, so db_owner permissions will need to be assigned after installation.

Pre-create the RecastManagementServer Database

If database administrators aren't able/willing to give SysAdmin rights to the user account running the installation, the database administrator can manually create a database named RecastManagementServer.

Add the Computer Account via SQL Server Management Studio (SSMS)

If the computer account for the Recast Management Server computer does not exist in SQL, users will need to add the account manually. The computer account will need to be added in two places, as a Login Account, and as a Database User account.

Add the Computer Account as a Login Account

To create the computer account as a login account:

1. Open SSMS and expand the folder of the server instance in which you want to create the new login.

2. Right-click on the Security folder, point to New and select Login.

3. In the Login - New window, on the General page, enter the Login name of the account in the following format: <domain name>\<computer name>$. Including the dollar sign ($) treats the login name as a computer account rather than a user account.

Adding Login Account

5. On the User Mapping page, in the Users mapped to this login section, select RecastManagementServer.

6. In the Database role membership section, select db_owner.

Add the Computer Account as a Database User Account

To add the computer account as a database user account:

1. Open SSMS and navigate to MBAM Databases > Security > Users.

2. Right-click on the Users folder and select New User.

3. Switch the user type to 'Windows' and add the user name and the login name in the following format: <domain>\<username>.

NOTE: User name and Login name are the same.

4. On the Membership tab, select the db_datareader box and assign the account db_datareader permissions for the MBAM databases by clicking OK.

NOTE: Users must be added to both the MBAM Compliance Status and MBAM Recovery and Hardware Status databases.

Set Database Recovery Model

By default, the RecastManagementServer database is set to full recovery. We recommend switching your SQL Server recovery model from full recovery to simple recovery to prevent the database from running out of disk space because of transaction logs.

To learn more about the difference between simple, full, and bulk-logged recovery, see Recovery Models (SQL Server) | Microsoft Learn.

To switch the SQL Server recovery model to simple recovery:

1. Open SQL Server Management Studio (SSMS).

2. Expand the Databases folder.

3. Right-click on the RecastManagementServer database and select Properties from the drop-down menu.

4. In Database Properties, click the Options page.

5. Change the Recovery model to Simple and click OK to save your changes.