Maintaining the File Access Manager Database

Maintaining the File Access Manager Database

 

The File Access Manager database is a prerequisite for installing any other File Access Manager components on a server. It is created as the first step during a File Access Manager installation.

Prerequisites

These items must be installed/created before installing the database:

  • The File Access Manager Server Installer must be installed on the core services server. 
  • The directory for storing Database Files (File Path) must be created on the DB server.
  • The directory for storing SQLServer FileStream (FileStream Path) must be created on the DB server.
  • The directory for storing Database logs (Logs Path) must be created on the DB server.

You will also need this information before beginning the installation:

  • System Administrator (SQLServer Administrator) user account credentials.
  • If System Administrator credentials are not available, then any domain user credentials that has appropriate rights to create database and other objects (tables, views, stored procs, indexes, et cetera). Note that if you are attempting to install the database using non System Administrator user credentials, run the File Access Manager server installer as the non System Administrator User.

Installing the Database

The File Access Manager Database is installed as part of the File Access Manager Server configuration step.

  1. Launch the File Access Manager Server Installer.
  2. Accept the User Agreement and click Next.
  3. On the Database details page, click Create a new File Access Manager database.
  4. Enter the Server\Instance Path.
  5. Enter the Database name.
  6. Enter the port.
  7. Enter the Database User Name (the default name is set to File Access Manager_User).
  8. Create a user-defined password for the Database User Password and Repeat Password fields.
  9. For the Authentication Type, select SA if you have the SA credentials, or choose Windows. (Make sure that you are running the server installer as the non-SA user if you select the Windows option).
  10. Enter the Database Files Path.
  11. Enter the FileStream Files Path.
  12. Enter the Log Files Path.
  13. Click Next. The installer begins installing the database.
  14. If you encounter errors, refer to the File Access ManagerInstall.log file, which is located in the File Access Manager Server Installer installation directory. If you need further assistance, contact SailPoint. You will be required to send the install log to analyze the issue.

Moving the Database

Follow these steps to migrate the File Access Manager database from one location to another:

  1. Make a backup of the existing File Access Manager database.
  2. Stop all the File Access Manager services in the order shown in Stopping and Starting Services in File Access Manager.
  3. Follow standard database migration steps to migrate the database. Your company’s Database Administrator should assist with this step.
  4. After the database is successfully migrated to the new location, make sure you can log in to the database with the File Access Manager_User (or any other equivalent user account you created) credentials.
  5. Every File Access Manager core service that communicates with the database should have NHibernate installed, located in the same install location as the core service, under an \NHibernate directory.
  6. Edit the hibernate.cfg.xml file in the NHibernate directory and find this property:
    <property name="connection.connection_string">
    Server=<hostname.domainname.com>\<instance name>,1433;initial catalog=File Access ManagerDB;User=File Access Manager_User;Password=MIIBHQYJKoZIhvcNAQcDoIIBDjCCAQoCAQAxgccwgcQCAQAwLTAZMRcwFQYDVQQDEw5XQlgtTmhpYmVybmF0ZQIQnksBNjkRL69DwM6OYgDYhDANBgkqhkiG9w0BAQEFAASBgDeqxlyz67A72XU8psHTuvBsuhMa9QXh6QSl8V6LuIfYsAjhkrSV0BAEIkD17Z9xH6VyQLKJWLsLoMAhPFVg6gRWsAKF1w6yn2RY0ZsdZeVQrgY6bPSDTMzPbH/lg9FigbRvTZaDfqUFcIfZuLZMOEg6gIoUX6yd0qrhqhJ7HiNXMDsGCSqGSIb3DQEHATAUBggqhkiG9w0DBwQIz7UaWjLkvyCAGHKDbE/wMBjTkGqrrmbg4Qbc6hLkm0flqw==;Pooling=true
    </property>
  7. Update the hostname and any other parameters in the hibernate.cfg.xml file to reflect the new database server.
  8. Save the changes.
  9. Start the File Access Manager Scheduled Task Handler Service and examine the logs. With the log level set to ERROR, a successful connection to the database should not produce any errors.
  10. Repeat step 6 on all the servers that have NHibernate present, and start the services in the order shown in in Stopping and Starting Services in File Access Manager.
  11. If the File Access Manager Scheduled Task Handler service fails to start, make sure that the database connection parameters are correct. Set the File Access Manager Scheduled Task Handler service to DEBUG and try to start again. Examine the logs to determine the root cause.
  12.  Contact SailPoint for any further assistance.

Resetting the Database Password

In some cases, you may have to reset the database password in order to re-encrypt it, so that the services hosted on the server can connect to the database.

To rest the database password:

  1. Navigate to the DBResetPassword directory under the File Access Manager Server installer tools directory on the server (for example, C:\Program Files\SailPoint\File Access Manager\Server Installer\Tools\DBResetPassword).
  2. Open a command prompt as Administrator and run DBResetPassword.exe using this format:
    DBResetPassword.exe <Password for the File Access Manager_User account>
    This will update the password string in the hibernate.cfg.xml.
  3. Attempt to start the service again, and examine the logs for any errors.

 

 

Comments

How to remove old events to free up FAM database ?

Version history
Revision #:
5 of 5
Last update:
‎Aug 23, 2019 04:59 PM
Updated by: