Configuring LAW and SQL

<< Click to Display Table of Contents >>

Navigation:  Detailed Checklist > Database Installation and Configuration >

Configuring LAW and SQL

InfoIconSQL Server User Account Options

There are three methods of specifying user accounts for use with SQL Server.  It is strongly recommended that the same login is used for configuring the LAW Environment, NIST, and File Type Management databases.

Create a Global Default User for CloudNine™ LAW

Create SQL Server Authentication custom login for CloudNine™ LAW

Create Individual Users with Integrated Security

Use this method when using SQL Server for other applications in addition to CloudNine™ LAW. This option helps to prevent users of SQL Server from accessing and modifying any other existing databases.

To create a generic global user account using this method:

Setup a SQL Server user with create/modify permissions.

The user name and password should be:

User: LAW_User

Pwd: (Contact customer support for assistance.)

When using the default user, the security mode for SQL Server must be set to SQL Server and Windows or mixed-mode authentication.

Use this method when using SQL Server for other applications in addition to CloudNine™ LAW. This option helps to prevent users of SQL Server from accessing and modifying any other existing databases yet provides additional security for your databases.

To create a custom SQL user account:

Setup a SQL Server user with create/modify permissions.

The user name and password will be referenced whenever accessing SQL (Database management, NIST storage, File Type Database Management, and for caselist storage).

User: (Custom SQL login following SQL Guidelines)

Pwd: (Custom password following SQL Guidelines)

When using this option, the security mode for SQL Server must be set to SQL Server and Windows for mixed-mode authentication.

This method allows a user to create SQL Server cases without adding a special user to SQL Server as long as the current user has database create permissions on the specified SQL Server. Windows integrated security may be used when accessing/creating SQL Server cases.

If using this method, each user must be set-up on the SQL Server to allow access to the case.

To enable this feature:

Select the Use Windows NT integrated security option when specifying the database backend for newly created cases.

 

InfoIconCreate a SQL Server Authentication Custom Login

How to create a SQL Server Authenticated custom SQL login for CloudNine LAW using a custom name and/ or password.

Warning

The option for the custom SQL Server Authenticated login is only available for use with LAW 7.1 and higher.  It is not supported on workstations that are using earlier versions of LAW.

1.Start SQL Server Management Studio. This is located in Start > All Programs > Microsoft SQL Server > SQL Server Management Studio.

Note

Windows 10: TIButtonWindows>Microsoft SQL Server> SQL Server Management Studio.

2.Login to the SQL Server instance.

3.Expand Security, right click Logins, and then select New User.

4.In Login name type (the desired login name).

5.Select SQL Server authentication.

6.In the Password and Confirm password fields type the desired password. (Please make a note of this password in a secure place as LAW customer support does not have a means to reset this password if forgotten or misplaced).

sqlsacustomloginpasswordoptions

7.Select/deselect password options based on your company policy: Enforce password policy, Enforce Password expiration, and User must change password at next login.

 

 

Warning

If opting to leave Enforce password policy, Enforce Password expiration, and User must change password at next login selected; when the password is changed then you will need to also update each LAW case and database through LAW that uses that password.  See Adding SQL Server Authentication custom login for more information about updating the passwords.

 

8.In the left panel of the dialog box, click Select Server Roles and then select dbcreator. The Public role should already be selected by default.

9.Click OK.

10.Close Microsoft SQL Management Studio.

 

InfoIconAdding SQL Server Authentication Custom Login to Existing Databases

The Custom SQL Server Authenticated login is available for all newly created databases by simply using the login and password during case creation.  For existing cases, the case will need to be mapped to the custom login in SQL.

1.Start SQL Server Management Studio. This is located in Start > All Programs > Microsoft SQL Server > SQL Server Management Studio.

Note

Windows 10: TIButtonWindows>Microsoft SQL Server> SQL Server Management Studio.

2.Login to the SQL Server instance as a SQL administrator (or on an account with elevated privileges).

3.Expand Security, expand Logins.

4.Right click on the newly created custom login, and then select Properties.

5.Select User Mapping.

6.Select the box for the database TIButtonBlankBox and then select db_owner for each database that the new login is to be provisioned.  

Warning

The database role, db_owner, needs to be selected following the selection of each database.  Selecting multiple databases and then selecting the role db_owner will only add db_owner to the last database selected.

 

sqlloginusermapping_zoom50

If using the SQL SA custom login in the , then consider adding, under User Mapping, the following databases as well:

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

LAW Configuration Utility Tab:

Example of database name in SQL.

Management Database:

LAW5_Management

File Type Database:

LAW5_Management (and other external file type databases in SQL)

NIST:

LAW_NIST

*Note: the NIST database uses the same login information as the Management Database.

Consider adding the following databases to the custom login: Databases to consider adding to the SQL SA custom login

Database Function

Example of database name in SQL.

LAW Distributed batch processing

LAW5_BatchControl

*Login and password should be the same as the login used for the Management Database.

Explore case management

EDA_Management

7.When all databases have been mapped, then select OK.

8.Then launch LAW.

9.On the File menu select Open Case.

opencaseii_zoom50

10.The Open Case dialog box appears.

11.Highlight the SQL case that you want to change to the custom SQL login.

12.Either select Properties or right click on the case and select Properties.

13.The Case Properties dialog box appears.

caseproperties_zoom50

14.The SQL Server Connection Details section is available for updates to Server Name, Use Windows Authentication, User name, and Password.

15.Change the user name and password to the custom SQL login and password.

16.Select OK  to close the Case Properties window.

17.The new login is amended to the case.

 

Warning

If during SQL SA custom login creation Enforce password policy, Enforce Password expiration, and User must change password at next login were selected, then note all databases that are using the SQL SA custom login. Each LAW case updated or created with the SQL SA custom login will need to be updated through LAW, using steps 8 - 17, after the password is updated in SQL.  If the Management database, File Type database, and/or NIST database uses a SQL SA custom login then the configuration utility will need to be updated with the new password on each machine using LAW.