Add a SQL Server

Providers are servers that host objects and attributes. Once a provider is registered, an inventory of the provider is captured and added to IBM Spectrum Protect Plus, enabling you to perform backup and restore jobs, as well as run reports.

Registration and Authentication

Register each SQL server as a provider in IBM Spectrum Protect Plus by name or IP address. When registering a SQL Cluster (Always On) node, register each node by name or IP address. Note that the IP addresses must be public-facing and listening on port 5985. The fully qualified domain name and virtual machine node DNS name must be resolvable and route-able from the IBM Spectrum Protect Plus appliance.

The user identity must have sufficient rights to install and start the IBM Spectrum Protect Plus Tools Service on the node. This includes "Log on as a service" rights. For more information about the "Log on as a service" right, see https://technet.microsoft.com/en-us/library/cc794944.aspx.

The default security policy uses the Windows NTLM protocol, and the user identity format follows the default domain\Name format.

Kerberos Requirements

Kerberos-based authentication can be enabled through a configuration file on the IBM Spectrum Protect Plus appliance. This will override the default Windows NTLM protocol.

For Kerberos-based authentication only, the user identity must be specified in the username@FQDN format. The username must be able to authenticate using the registered password to obtain a ticket-granting ticket (TGT) from the key distribution center (KDC) on the domain specified by the fully qualified domain name.

Kerberos authentication also requires that the clock skew between the Domain Controller and the IBM Spectrum Protect Plus appliance is less than 5 minutes. Note that the default Windows NTLM protocol is not time dependent.

Privileges

On the SQL server, the system login credential must have public and sysadmin permissions enabled, plus permission to access cluster resources in a SQL Always On environment. If one user account is used for all SQL functions, a Windows login must be enabled for the SQL server, with public and sysadmin permissions enabled.

Every SQL instance can use a specific user account to access the resources of that particular SQL instance.

To perform log backups, the SQL user registered with IBM Spectrum Protect Plus must have the sysadmin permission enabled to manage SQL server agent jobs.

To register a SQL server:

  1. From the navigation menu, expand Manage Protection, then expand Applications. Expand SQL, then click Backup.
  2. Click Manage Application Servers.
  3. Click Add Application Server. The Applications Properties pane opens.
  4. Populate the fields in the Applications Properties pane:
  5. Host Address
  6. Enter the resolvable IP address or a resolvable path and machine name.
  7. Use existing user
  8. Enable to select a previously entered username and password for the provider.
  9. UserID
  10. Enter your username for the provider. The user identity follows the default domain\Name format if the virtual machine is attached to a domain. The format <local administrator> is used if the user is a local administrator.
  11. Note: For Kerberos-based authentication only, the user identity must be specified in the username@FQDN format. The username must be able to authenticate using the registered password to obtain a ticket-granting ticket (TGT) from the key distribution center (KDC) on the domain specified by the fully qualified domain name.
  12. Password
  13. Enter your password for the provider.
  14. Expand Options Options icon to configure additional options:
  15. Maximum concurrent databases
  16. Set the maximum number of databases to back up concurrently on the server. Server performance is impacted when backing up a large number of databases concurrently, as each database utilizes multiple threads and consumes input/output bandwidth when copying data. Use this option to control the impact on server resources and minimize the impact on production operations.

  17. Click Save. IBM Spectrum Protect Plus confirms a network connection, adds the provider to the database, then catalogs the provider.

To troubleshoot an application server after registration, use the Actions > Test function. The Test function verifies communication with the server, tests DNS settings between the IBM Spectrum Protect Plus appliance and the server, and installs the necessary agent on the server.

Providers are automatically cataloged after registration. IBM Spectrum Protect Plus creates a high-level Inventory job and catalogs the objects on the provider. To manually run an Inventory job, click Run Inventory from the Backup pane.

NEXT STEPS:

  • Assign user permissions to the server. See Access.

 


IBM Spectrum Protect Plus 10.1.2

Licensed Material - Property of IBM Corp. © IBM Corporation and other(s) 2018. IBM is a registered trademark of the IBM Corporation in the United States, other countries, or both. | 8/23/2018