Installing or Configuring Digital.ai Agility to Use an Existing SQL Server User
This article explains how to install or configure Agility to use an existing instance of SQL server.
The content in this article applies to On-premise Digital.ai Agility instances only.
By default, Digital.ai Agility setup creates a new SQL Server login that has the appropriate level of access to the Digital.ai Agility database for run-time execution. The user credentials specified during setup to connect to SQL Server must have permission to create new logins.
Setup will halt and notify you if the user running Digital.ai Agility setup does not have the required permissions.
In on-premise instances, IT or security policies may restrict accounts used during setup such that they may not have the rights to create databases or SQL Server logins. In these cases, a DBA must manage the server, including the creation of the Digital.ai Agility database and the run-time login that Digital.ai Agility uses. This article outlines how to install and configure Digital.ai Agility to use an Existing SQL Server User (one created and configured by the DBA) as the run-time login.
Specifying an Existing SQL Server User
During setup, you can choose whether to create a new login for Digital.ai Agility, or specify that an Existing SQL Server User be used. If you choose to use an existing user, you will be prompted to enter credentials.
Unfortunately, it is not possible to set up "existing user" environment with AD accounts via Setup UI. This is called "trusted connection" in SQL Server terms, and requires processes using it - in this case IIS app pools hosting Digital.ai Agility and Analytics, and Datamart scheduled task - to run under the identity of selected AD accounts. It would be best to use the existing arrangement with predefined SQL server accounts.
Existing SQL Server User Permissions
When choosing the Existing SQL Server User option, the account you specify for the Digital.ai Agility run-time login needs fewer SQL Server rights than the account used for setup, as it does not need to create a new login.
The Digital.ai Agility run-time login must be created as a user on the Digital.ai Agility database and a member of the following database roles:
- public
- db_datareader
- db_datawriter
Post-Setup Configuration
When Digital.ai Agility is installed with the Existing SQL Server User option, the connection string is added to a user.config file. Additional settings may be added to the user.config after setup, as determined by your configuration. Note that all settings in the user.config are preserved when the system is upgraded.
Upgrades and Re-installs
Since the Existing SQL Server User setting is saved in a user.config file that is not changed during an upgrade, upgrades do not affect the setting. Additionally, the setting cannot be changed during an upgrade.
To revert to a Digital.ai Agility-created login, you must uninstall (without removing the database) and re-install, choosing the default behavior.
To add the Existing SQL Server User setting to an existing Digital.ai Agility installation, you must uninstall (without removing the database) and re-install, choosing the Existing SQL Server User option.