Account and Permission Settings
Server installation requires an installation account with local administrator permissions on the chosen server. The installation creates a local service named AdaptivaServer, which runs under the Local System account by default.
If you use SQL Server Standard Edition or SQL Server Enterprise Edition, the installation account must also have sysadmin permissions on the SQL Server that hosts the database. For more information, see Choosing the SQL Server Edition. You may change this permission after the installation. In addition, you may also change the service account from local system to a specified service account after installation.
| Server | Account | Permissions |
|---|---|---|
|
Tenable Patch Server |
Installation account Optional Service account Reporting Account |
System account add to Local Administrators group If used, the account must be granted the Log On As A Service User right. Domain (recommended) or Local account |
|
SQL Server hosting the Adaptiva Database |
Tenable Patch Server SYSTEM Account Installation Account Option Service Account |
During the Tenable Patch Server installation, grant sysadmin permission to the Tenable Patch Server SYSTEM account (refer to Set System Account Permission in SQL Management Studio). You may reduce these permissions after completing the after the Tenable Patch Server installation. SQL Server Role Sysadmin (installation account for initial installation) Minimum permissions (after installation) Adaptiva Database Security User Mapping (account running the AdaptivaServerservice) db_datareader db_datawriter db_ddladmin db_executer |
|
Content Library |
<domain>\PatchServer $ or Optional Service Account |
If you choose to change the location of the Adaptiva Content Library to a remote drive/share, allow the Server service account the Create, Modify, and Delete permissions to the location |
|
Adaptiva Database |
Reporting Account |
The Server installation automatically grants db_datareader (read only) permissions for the SQL server (Adaptiva Database) you specify during installation. |
Communication Ports
TPM communicates between the server and clients on a range of different ports as a network application. For a list of required ports, refer to Communication Port and Flow Diagrams.
Server installation automatically creates Windows Firewall rules for ports in all network profiles during the server installation. If using a firewall, other than Windows Defender, you may need to manually configure the required ports to ensure communications are available.