How to use Windows Integrated Security when installing Statistica Server?
Article ID: KB0076022
Updated On:
| Products | Versions |
|---|---|
| Spotfire Statistica | 13.3.1 and higher |
Description
When installing Statistica Server, it is recommended to create and use a SQL Server user for the Statistica metadata database. However, is it possible to use Windows NT Integration instead of SQL Server Authentication.
Reference:
For TIBCO Statistica Server (or TIBCO Data Science - Workbench), if using SQL Server (or SQL Server Express), the installation instructions on page 18 ( https://docs.tibco.com/pub/stat/13.5.0/doc/pdf/TIB_stat_13.5_installation.pdf?id=2) indicate the following:
2. Create a SQL Server user account and make it the owner of Statistica Enterprise Schema. This user account needs permission to create new tables, views and indices. After the installation, the permissions to create new tables, views and indices can be removed from this user account. This user account continues to need read/write permissions on the database for normal operations.
However, during the installation, there is another option, which is not part of the installation instructions but are provided as part of the Data Link Properties dialog:
Selecting this option results in the following popup when installing Statistica Server (Data Science - Workbench):
Reference:
For TIBCO Statistica Server (or TIBCO Data Science - Workbench), if using SQL Server (or SQL Server Express), the installation instructions on page 18 ( https://docs.tibco.com/pub/stat/13.5.0/doc/pdf/TIB_stat_13.5_installation.pdf?id=2) indicate the following:
2. Create a SQL Server user account and make it the owner of Statistica Enterprise Schema. This user account needs permission to create new tables, views and indices. After the installation, the permissions to create new tables, views and indices can be removed from this user account. This user account continues to need read/write permissions on the database for normal operations.
However, during the installation, there is another option, which is not part of the installation instructions but are provided as part of the Data Link Properties dialog:
Selecting this option results in the following popup when installing Statistica Server (Data Science - Workbench):
Issue/Introduction
This article discusses using Windows Integrated login for the metadata database credentials when installing Statistica server.
Environment
Windows operating systems only.
Resolution
Prerequisites for this to work successfully:
1. Must have NT AUTHORITY\SYSTEM as a user in the SQL database (which is typically exists already) and also needs to add the system user of the machine where Statistica is to be installed. It will look something like: domain\machine_name$. The user should be given database owner permissions.
2. Must have all Windows users who will use the Statistica application as users of the SQL database.
Note: The workstation install will work as usual, per the instructions on page 24 here: https://docs.tibco.com/pub/stat/13.5.0/doc/pdf/TIB_stat_13.5_installation.pdf?id=2
However, every Windows user who will have Statistica installed on their workstation/client will also need to be added to the SQL database in order to launch Statistica.
7. Select the "User Mapping" page, select the Statistica database (in this example, it is named SEWSS_Win), and select db_datareader and db_datawriter and click the OK button:
Note: Why use Windows NT Integrated Security? Windows NT Integrated security is more secure than SQL Authentication. See the first Important note here: https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/authentication-in-sql-server
1. Must have NT AUTHORITY\SYSTEM as a user in the SQL database (which is typically exists already) and also needs to add the system user of the machine where Statistica is to be installed. It will look something like: domain\machine_name$. The user should be given database owner permissions.
2. Must have all Windows users who will use the Statistica application as users of the SQL database.
To create or add the machine system user (and the NT AUTHORITY\SYSTEM user if it is missing), complete the following steps:
- In the SQL Server Management Studio, open Object Explorer
- Click Server_instance_name--> Security--> Logins
- Right-click Logins and select New Login
- On the General page, in the Login name field, type the name of a Windows user (it is important to type the name of the user as a search will not be able to find the user)
- Select Windows authentication.
- Select the Statistica database as the default database (in the example below, this is named SEWSS_Win):
Note: The workstation install will work as usual, per the instructions on page 24 here: https://docs.tibco.com/pub/stat/13.5.0/doc/pdf/TIB_stat_13.5_installation.pdf?id=2
However, every Windows user who will have Statistica installed on their workstation/client will also need to be added to the SQL database in order to launch Statistica.
To add Windows users to SQL, complete the following steps:
- In the SQL Server Management Studio, open Object Explorer
- Click Server_instance_name--> Security--> Logins
- Right-click Logins and select New Login
- On the General page, in the Login name field, type or search for the Windows user
- Select Windows authentication.
- Select the Statistica database as the "Default database":
7. Select the "User Mapping" page, select the Statistica database (in this example, it is named SEWSS_Win), and select db_datareader and db_datawriter and click the OK button:
Note: Why use Windows NT Integrated Security? Windows NT Integrated security is more secure than SQL Authentication. See the first Important note here: https://docs.microsoft.com/en-us/dotnet/framework/data/adonet/sql/authentication-in-sql-server
Additional Information
Feedback
Yes
No
Powered by
