Enterprise Vault™ Compliance Accelerator Installation Guide

Last Published:
Product(s): Enterprise Vault (14.3)
  1. Introducing Compliance Accelerator
    1.  
      Key features of Compliance Accelerator
    2.  
      About the Compliance Accelerator components
    3. Product documentation
      1.  
        White papers on the Veritas Support website
  2. Preparing to install Compliance Accelerator
    1. Configuration options for Compliance Accelerator
      1.  
        Compliance Accelerator configuration for large installations
      2.  
        Compliance Accelerator configuration for smaller installations
    2.  
      Supported versions of Enterprise Vault in Compliance Accelerator environments
    3. Prerequisites for Compliance Accelerator
      1.  
        Prerequisites for the SQL Server computer
      2.  
        Prerequisites for the Compliance Accelerator server computer
      3.  
        Prerequisites for the Enterprise Vault server computer
      4.  
        Prerequisites for Compliance Accelerator client computers
      5. Prerequisites for Veritas Advanced Supervision
        1.  
          Additional requirements for Veritas Advanced Supervision
        2.  
          Set Kerberos Trusted Delegation
    4.  
      Configuring Outlook to enable the processing of items with many attachments or many recipients
    5.  
      Setting the Windows and ASP.NET Temp folder permissions
    6. Security requirements for temporary folders
      1.  
        Granting additional users and groups access to the temporary folders
    7.  
      Disabling networking facilities that can disrupt a Compliance Accelerator environment
    8.  
      Disabling the Windows Search Service on the Compliance Accelerator server
    9.  
      Ensuring that the Windows Server service is running on the Compliance Accelerator server
    10.  
      Configuring the SQL Server Agent service
    11.  
      Assigning SQL Server roles to the Vault Service account
    12.  
      Installing and configuring the SQL full-text search indexing service
    13.  
      Verifying that Enterprise Vault expands distribution lists
    14. Configuring Intelligent Review API Authentication and Authorization
      1.  
        Setting Kerberos trusted delegation between Compliance Accelerator Servers and Compliance Accelerator Database Servers
      2.  
        Setting Kerberos trusted delegation between Compliance Accelerator Servers and Compliance Accelerator Database Servers on IP address
  3. Installing Compliance Accelerator
    1. Installing the Compliance Accelerator server software
      1.  
        Allowing Enterprise Vault to communicate with Compliance Accelerator through the Windows firewall
      2.  
        Creating the configuration database and customer databases
      3.  
        Uploading the Compliance Accelerator report templates
      4.  
        Configuring a dedicated server for Intelligent Review processing (optional deployment configuration)
      5. Configuring Compliance Accelerator for use in a SQL Server Always On environment
        1.  
          Using SQL Server Reporting Services in an Always On environment
      6. Installing Compliance Accelerator in a clustered environment
        1.  
          Configuring Compliance Accelerator for use in a Network Load Balancing cluster
      7.  
        Maximizing security in your Compliance Accelerator databases
    2. Installing the Compliance Accelerator client software
      1.  
        Modifying the configuration file for the Compliance Accelerator client
      2.  
        Using the MSI installer package to install the Compliance Accelerator client
    3.  
      Uninstalling Compliance Accelerator
  4. Appendix A. Ports that Compliance Accelerator uses
    1.  
      Default ports for Compliance Accelerator
    2.  
      Changing the ports that Compliance Accelerator uses
  5. Appendix B. Troubleshooting
    1.  
      Error messages appear in the event log when upgrading to Compliance Accelerator 14.3
    2.  
      Enterprise Vault Accelerator Manager service not created
    3.  
      Enterprise Vault Accelerator Manager service does not start
    4.  
      "Access is denied" message is displayed when you try to create a customer database on a UAC-enabled computer
    5.  
      Cannot create or upgrade Compliance Accelerator customer databases when Symantec Endpoint Protection is running
    6.  
      Permissions error when uninstalling the Compliance Accelerator client from a UAC-enabled computer
    7.  
      Uninstalling the Compliance Accelerator client from a shared location may prevent other users from starting the client
    8.  
      Error messages when the Intelligent Review (IR) API authentication and authorization fails
  6. Appendix C. Installing and configuring the Enhanced Auditing feature
    1.  
      Overview
    2.  
      Prerequisites for the Enhanced Auditing feature
    3.  
      Installing the Enhanced Auditing feature
    4.  
      Post installation steps
    5.  
      Upgrading the Enhanced Auditing setup
    6.  
      Modifying the Enhanced Auditing setup
    7.  
      Repairing the Enhanced Auditing setup
    8.  
      Uninstalling the Enhanced Auditing setup
    9.  
      Managing access from Veritas Advanced Supervision

Assigning SQL Server roles to the Vault Service account

The Vault Service account is the account that Enterprise Vault services and tasks use when accessing Enterprise Vault databases. You must assign a number of SQL Server roles to this account to perform various activities with Compliance Accelerator. The two required roles are as follows:

  • dbcreator (database creator). The facility to create configuration and customer databases with Compliance Accelerator is dependent on the Vault Service account having this role.

  • sysadmin (system administrator). Compliance Accelerator provides the facility to create schedules with which you can conduct searches repeatedly or at some future time. These schedules are SQL Server Agent jobs and, by default, Compliance Accelerator assumes that you want to make a user with the sysadmin role the creator and owner of them.

Note:

The dbcreator and sysadmin roles are server-wide roles that may grant more security privileges to the Vault Service account than you are comfortable with. If this is the case, you can give the Vault Service account the minimum required permissions by following the instructions in this article on the Veritas Support website:

https://www.veritas.com/docs/100038151

Then, after you have installed the Compliance Accelerator client, you must change the value of the security configuration option "Use SQL Server SysAdmin Server Role for Schedules". For instructions on how to do this, see the Administrator's Guide.

To assign SQL Server roles to the Vault Service account

  1. On the SQL Server computer, start SQL Server Management Studio.
  2. In the left pane of the SQL Server Management Studio window, expand the tree to display first the required SQL Server and then the Security folder.
  3. Under the Security folder, double-click Logins to display the users in the right pane.
    How to access the Logins list in SQL Server Management Studio
  4. In the Logins list, right-click the Vault Service account, and then click Properties.
  5. In the Login Properties dialog box, select the Server Roles page.
  6. In the Server roles box, make sure that dbcreator and sysadmin are selected.
    How to grant the dbcreator and sysadmin roles to a user in SQL Server Management Studio
  7. Click OK.