Skip to main content

Use case 3: Change to a new local service account (Used Windows authentication to connect with SQL server)

This use case demonstrates the processes when swapping to a new local Bravura Security service user (psadmin) account when using Windows authentication to connect with SQL server. The Bravura Security Fabric instance and the database must be on the same server:

  1. Create a new local service account and add it to the Administrators group.

  2. Give the new account the "Logon as a service" right under Local Security Policy settings.

  3. Add a new user account into the database:

    1. Start Microsoft SQL Server Management Studio and connect to the server as a system administrator.

    2. Create a new login as the new account and set it in the database, according to install instructions.

    3. Verify that you can login from the Bravura Security Fabric server to the database successfully with the DBUser credential pair (account, password).

  4. If the password is changed, run iddbadm to update the credential used by iddb in the registry key HKLM\SOFTWARE\Bravura Security\Bravura Security Fabric\<instance>\MSSQL.

    Alternatively, if only the account name changed and it is simpler and privileges available allow it, update the account name (DBUser value) in the registry directly.

  5. Run serviceacct from the command line to update the known locations where the account is used with the new service account information.

    1. Open the command line as an administrator.

    2. Go to <Program Files path>\Bravura Security\Bravura Security Fabric\<instance>\ util\.

    3. Run:

      serviceacct -account -password -restart

    4. Input the new account name and password.

In this section: