DriveLock Server Setup Wizard

The wizard guides you through installing or updating the database and sets up the certificate if it is a new installation of the DriveLock Enterprise Server.

  1. In the Welcome to the DriveLock Server Setup wizard dialog, click Next.

  2. Select the SSL/TLS certificate from the computer's certificate store in the following dialog.

    If it is an installation in a test environment, you can also have DriveLock generate a self-signed certificate. The certificate must fulfill certain requirements, see Trusted certificates.

    Please note the following:

    • In addition to HTTP communication, which uses the certificate from the certificate store, DriveLock uses an MQTT broker that requires the certificate as a file. To do so, the certificate must be exportable together with the private key.

    • If the private key cannot be exported, the wizard will inform you on the following page. You then have the option of generating a self-signed certificate for the MQTT broker.

    • If you decide to use a self-signed certificate for all communication, we recommend entering the certificate in the trusted certificates in the policy so that the communication between DES and agent is secure.

  3. In the following dialog, select the option Specify login account for DES if you want to create a new database.

    This option is selected by default if you selected the DES option when installing the server.

  4. Next, enter the connection data for the database server.

    • Here you can optionally specify a different user for database access. Windows and SQL Server authentication are possible. This data is not stored and is used exclusively for the installation or update.

      If you also want to specify the port, the Server Setup Wizard supports the following notation:
      FQDN,Port\Instance (e.g.: myDLServer,14330\SQLEXPRESS)

    • If there are any connection problems, corresponding error messages will be displayed.

    • If you are using Windows Server 2016, click on Test connection after entering the server name. If a green tick appears, the connection has been established. Select Install a new database as the action.

  5. There are several options for creating the database, depending on certain scenarios.

    • Create database:

      This option is set by default. The database is created on the SQL server. The account that performs the installation must have the appropriate permissions on the SQL server (dbcreator role). If you deselect this option, you must provide a database. The schema is then installed in this database.

    • Create database login on SQL server:

      This option is also set by default. A login is created for the DES service account. The account that performs the installation must have appropriate permissions on the SQL Server (securityadmin role).

    • Give DES service account full permission on the database (db_owner). Recommended for SQL Express:

      This option is not set by default. This gives the DES service account maximum rights to the DriveLock databases and enables it to perform tasks such as maintenance (index maintenance), cleaning up old data records and backing up the database.

      For larger environments or when operating on a full SQL server, we recommend switching this option off.

  6. Next, enter the administrative user accounts for the DriveLock management components. This is usually the DriveLock administrator who performs the installation.

  7. In the next dialog, specify whether you want to send telemetry data to DriveLock.

  8. Finally, a summary is displayed. Click Apply to finish. The DriveLock Enterprise Service (DES) will now start automatically.