 | Getting Started with Pervasive PSQL v9 SP2 (9.5) (Workgroup edition) (v9 SP2 (9.5) revision 1) |  |
|
This section describes how to install and configure Pervasive.SQL in an environment that uses Microsoft Active Directory service.
Active Directory is a central component of the Windows 2000 operating system network architecture. Active Directory provides a directory service specifically designed for distributed networking environments.
The Microsoft Web site provides much information about Active Directory. The following Web links provide information to help you learn about Active Directory.
Ensure that Active Directory service is installed and functioning correctly before you install Pervasive.SQL into the environment.
Microsoft provides step-by-step guides to help you install and configure Active Directory service. The following Web links provide information to help you install and manage Active Directory.
Note that Windows 2000 implements TCP/IP as the default protocol and relies on TCP/IP for most of the services associated with the operating system, including Active Directory service. Integration of Active Directory with NetWare Directory Services is possible with Microsoft Directory Synchronization Services (MSDSS) and DirSync. For more information, refer to the Microsoft Web site: http://www.microsoft.com/WINDOWS2000/sfn/msdss.asp.
The installation of the Pervasive.SQL database engine in an Active Directory environment requires no special steps. Install it as described in Installing the Pervasive PSQL Workgroup Engine .
The following environment modes are supported:
You may install the Pervasive.SQL database engine on a domain controller if you choose. Be aware, however, that activity on the domain controller may affect the performance of the database engine. For this reason, you may prefer to install Pervasive.SQL on a server that is not a domain controller.
Pervasive.SQL Workgroup runs on Windows 32-bit Servers within an Active Directory environment. The Pervasive.SQL clients run on all Windows 32-bit platforms within an Active Directory environment.
The DOS TCP/IP requester (BREQTCP) is supported within an Active Directory environment. The DOS SPX requester (BREQUEST or BREQNT) is not supported because it requires the SPX protocol.
The database engines enforce directory and file permissions set at the operating system level. An Active Directory environment does not change this behavior. For example, if you set "read only" permission on a Pervasive.SQL table file, you will be unable to write to the table.
Pervasive.SQL Workgroup is supported for use with Microsoft Terminal Server and Citrix MetaFrame running within an Active Directory environment. For more information about Terminal Services and Citrix MetaFrame, see Pervasive PSQL and Terminal Services .
Active Directory service manages the security of the network. You must grant the correct access authority at the operating system level to users who need Pervasive administrative privileges.
See Active Directory Tasks for the steps to set access authority. Users must have the following authority on the machine running the database engine:
You may grant the Log on locally authority directly to a user or to the Pervasive_Admin group (and add the user to the group).
You may create the Pervasive_Admin group on the machine running the database engine (the local machine), on the domain controller for the local machine, or on both. The database engine checks privileges first on the domain controller for the local machine then on the local machine.
An example helps illustrate this. Suppose you have two servers in your domain that run the Pervasive.SQL database engine, Server A and Server B. You could create a Pervasive_Admin group on each server and on the domain controller. You then add User 1 to the group on Server A, User 2 to the group on Server B, and User 3 to the group on the domain controller. User 1 has administrative privileges for the database engine only on Server A. Similarly, User 2 has administrative privileges only on Server B. User 3, however, has administrative privileges for the database engines on both Server A and Server B.
If you create the Pervasive_Admin group on a domain controller, then the group must be a domain local group. If you create the Pervasive_Admin group on a machine that is not a domain controller, then the Pervasive_Admin group must be a local group.
This section explains the tasks needed to ensure users have Pervasive administrative privileges. The tasks assume the following:
To Create the Pervasive_Admin Group on a Domain Controller
For example, the following image shows the expanded tree for the ADSTEST.com domain.
Note
If your Active Directory environment does not have an Organizational Unit to house groups, you need to create one. Click on the domain root (for example, in the figure above, you would right-click on ADSTEST.com), then click Action4New4Organizational Unit. Type a meaningful name for the unit, then click OK.
The Pervasive_Admin group must have a scope of Domain local. Do not use Global or Universal.
Now that the Pervasive_Admin group exists, you need to add users to it.
The user is added to the list on the bottom. For example, the following image shows that user ADS_USER1 has been added.
The user you added now appears as a member of the Pervasive_Admin group.
To Grant Log On Locally Privileges to the Pervasive_Admin Group
Ensure that you open Domain Controller Security Policy and not Domain Security Policy.
The policy setting dialog appears.
The dialog appears on which you add users and groups.
You may also specify the group by clicking Browse and navigating to the group through dialogs.
The Security Policy Setting dialog appears with Pervasive_Admin added.
|
Chapter contents
Prev topic: Application Configuration Scenarios
|
