Windows Integrated Login for SQL Server authentication
- Last Updated Mar 10, 2025
Note: Stop all the Mobile Operator services before you begin.
We recommend that you assign domain groups to the SQL Server Login and ensure that the domain groups have the appropriate Mobile Operator roles. Users or services in these domain groups have access to SQL Server authentication and authorization.
You must create separate groups for Client and Server users. For the server, establish a distinct domain group, user, or service account specifically for the Data Server application. To do so, follow these example steps:
- Create the following domain groups:
    - MoClientsGroup – All Management Center users can be a part of this group.
    - MoServerGroup – All services except the Data Server can be a part of this group.
    - MoDataServerGroup – Data Server can be a part of this group.
- Create SQL logins from the Active Directory groups used for Mobile Operator.

    USE [master]
    GO
    CREATE LOGIN [<domainName>\MoClientsGroup] FROM WINDOWS
    CREATE LOGIN [<domainName>\MoServerGroup] FROM WINDOWS
    CREATE LOGIN [<domainName>\MoDataServerGroup] FROM WINDOWS
- Assign the SQL Login users to the Mobile Operator database.

    USE [<MO Database Name>]
    GO
    CREATE USER [<domainName>\MoClientsGroup] FOR LOGIN [<domainName>\MoClientsGroup]
    CREATE USER [<domainName>\MoServerGroup] FOR LOGIN [<domainName>\MoServerGroup]
    CREATE USER [<domainName>\MoDataServerGroup] FOR LOGIN [<domainName>\MoDataServerGroup]
- Add the Mobile Operator roles to the domain login groups.

    USE [<MO Database Name>]
    GO
    EXEC sp_addrolemember 'IntelaTracRole', '<domainName>\MoClientsGroup'
    EXEC sp_addrolemember 'IntelaTracRole', '<domainName>\MoServerGroup'
    EXEC sp_addrolemember 'MorServerRole', '<domainName>\MoDataServerGroup'
- Reset the database connection string by updating the appsettings.json file in the Synchronization Service install location. To update the appsettings.json file, do the following:

    "ConnectionStrings": {
        "Database": "Server=<DbServer>;Database=<DbName>;IntegratedSecurity=true;Encrypt=Yes;TrustServerCertificate=Yes; Command Timeout=300"
    },
- Restart the AVEVA Mobile Operator services.
- Add the domain user or group that you created to the Mobile Operator Groups created after the Server and Data Server installation. For more information, see User accounts and Groups created and used by Mobile Operator.
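A read-only check for the login, user and role steps above, as an added example that is not part of the original documentation: it reports whether each group has a server login, a database user and the role the steps assign, then lists every database role the groups hold so that unexpected memberships stand out. Substitute the placeholders as in the steps; the result column names are chosen here for illustration.

```sql
-- Added verification example (not from the vendor documentation).
-- Replace <MO Database Name> and <domainName> exactly as in the steps above.
USE [<MO Database Name>]
GO
DECLARE @domain sysname = N'<domainName>';

-- One row per group with the role the procedure assigns to it.
DECLARE @expected TABLE (group_name sysname, role_name sysname);
INSERT INTO @expected (group_name, role_name) VALUES
    (@domain + N'\MoClientsGroup',    N'IntelaTracRole'),
    (@domain + N'\MoServerGroup',     N'IntelaTracRole'),
    (@domain + N'\MoDataServerGroup', N'MorServerRole');

-- Check 1: login exists, database user is mapped to it, role is granted.
SELECT
    e.group_name,
    e.role_name,
    CASE WHEN sp.sid IS NULL             THEN 'MISSING'
         WHEN sp.type NOT IN ('G', 'U')  THEN 'NOT A WINDOWS PRINCIPAL'
         WHEN sp.is_disabled = 1         THEN 'DISABLED'
         ELSE 'OK' END                                   AS server_login,
    CASE WHEN dp.principal_id IS NULL
         THEN 'MISSING' ELSE 'OK' END                    AS database_user,
    CASE WHEN rm.member_principal_id IS NULL
         THEN 'MISSING' ELSE 'OK' END                    AS role_membership
FROM @expected AS e
LEFT JOIN sys.server_principals AS sp
       ON sp.name COLLATE DATABASE_DEFAULT = e.group_name COLLATE DATABASE_DEFAULT
LEFT JOIN sys.database_principals AS dp
       ON dp.sid = sp.sid                 -- a user maps to its login by SID
LEFT JOIN sys.database_principals AS r
       ON r.name COLLATE DATABASE_DEFAULT = e.role_name COLLATE DATABASE_DEFAULT
      AND r.type = 'R'                    -- database role
LEFT JOIN sys.database_role_members AS rm
       ON rm.role_principal_id = r.principal_id
      AND rm.member_principal_id = dp.principal_id;

-- Check 2: every role each group holds; anything beyond the expected
-- role (for example db_owner) is a grant the procedure did not make.
SELECT m.name AS group_name, r.name AS granted_role
FROM sys.database_role_members AS rm
JOIN sys.database_principals AS m ON m.principal_id = rm.member_principal_id
JOIN sys.database_principals AS r ON r.principal_id = rm.role_principal_id
WHERE m.name COLLATE DATABASE_DEFAULT IN
      (SELECT group_name COLLATE DATABASE_DEFAULT FROM @expected)
ORDER BY m.name, r.name;
```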