Versions Compared

Old Version 14

changes.mady.by.user Mikhail Yakovlev

Saved on

compared with

New Version Current

changes.mady.by.user Mikhail Yakovlev

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Creating service account

Indeed Certificate Manager data storage is a database. For maintenance of the system creating service account is required.

1. Open pgAdmin, enter master password and connect to server.
2. In Browser section right-click on the Login/Group Roles menu item.
3. Select Create > Login/Group Role….

Image RemovedImage Added

     4. On the General tab in the Name field enter name of the role, for example - servicepg.

Image RemovedImage Added

    5. On the Definition tab enter your password in the Password field. No Expiry must be specified in the Account Expires field.

Image RemovedImage Added

Note

When you create a service account, you must disable password expiration.

    6. Turn on the Can Login? parametr on the Privileges tab.

   Image RemovedImage Added

    7. Leave rest fields with the defaults states and click Save.

Creation of the database.

The database is creates manually. It filles with the Storage-Postgre.sql script, which is part of the Indeed CM distribution kit (the script is located in the \IndeedCM.Server\Misc directory).

1. Create a database in the pgAdmin environment with an arbitrary name:

  • In Browser section right-click on the Databases menu item.
  • Select Create > Database...

Image RemovedImage Added

  • Enter name in the Name field on General tab, for example IndeedStorage. Select the user in the Owner list, created on the first step of this guide (servicepg) and click Save.

Image RemovedImage Added

    2. Select the database (IndeedStorage) in Browser secion section and execute the Storage-Postgre.sql script:

  • Select Tools > Query Tool.
  • Click the Open iconImage Modifiedin the Query Tool menu and specify the path to the file Storage-Postgre.sql  (it is located in \IndeedCM.Server\Misc) and click Select

Image RemovedImage Added

  • Click Execute/Refresh button Image Modified

Image RemovedImage Added

3. Granting privileges to service account on database tables:

  • Press Image Modified button in Query Tool menu, than select Clear Query menu item.

Image RemovedImage Added

  • Enter the text of the request, specifying the account name in it:
Code Block
languagesql
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "specify service account";


Code Block
languagesql
titleExample:
GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO servicepg;

Setting up a remote connection to the database

Open the PostgreSQL config file "pg_hba.conf".

Info

pb_hba.conf file location:

For Windows OS: C:\Program Files\PostgreSQL\<version number>\data
For *nix OS: /etc/postgresql/<version number>/main

Add a line with the following format:

Code Block
CONNECTIONTYPE DATABASE USER ADDRESS METHOD

Where:

  • CONNECTIONTYPE -  Connection type. "host" specified, TCP/IP connection will be used.
  • DATABASE - Name of the database.
  • USER - Database user name.
  • ADDRESS - IP-address of the Indeed Certificate Manager server.
  • METHOD - User authentication method.
Code Block
titleExample:
host IndeedStorage servicepg 192.200.1.0/32 md5