[KB7172] Install ESET Security Management Center Server on Linux and connect it to SQL Server on Windows

Issue

ESET business product no longer supported

This content applies to an ESET product version that is currently in End of Life status and is no longer supported. This content is no longer updated. 

For a complete list of supported products and support level definitions, review the ESET End of Life policy for business products.

Upgrade ESET business products.

  • Install ESMC Server on Linux and connect it to your MS SQL database installed on a Windows Server.

Solution

Prerequisites

 

I. Configure MS SQL Server

  1. Allow TCP/IP connections to the SQL database on port 1433, as described here.
     
  2. Create a database and database user that you will use to access the database.

 

II. Install ESMC Server on Linux and connect it to MS SQL Server database installed on Windows

  1. Open the Terminal as root and run the code below (line by line) to install the MS ODBC driver for Linux:
    ODBC versions:

    Version 13 and later of Microsoft ODBC driver is supported. We recommend that you use the latest version (version 17).

    The example below shows the installation of ODBC driver version 17 on Ubuntu 16.04 and Red Hat Enterprise Linux/CentOS 7. See the installation instructions for different Microsoft ODBC driver versions and different Linux distributions and versions on this Microsoft page.


    Install Microsoft ODBC 17 driver on Ubuntu 18.04
    1. curl https://packages.microsoft.com/keys/microsoft.asc | apt-key add -
       
    2. curl https://packages.microsoft.com/config/ubuntu/16.04/prod.list > /etc/apt/sources.list.d/mssql-release.list
       
    3. apt-get update
       
    4. ACCEPT_EULA=Y apt-get install msodbcsql17
    Install Microsoft ODBC 17 driver on Red Hat Enterprise Linux/CentOS 7
    1. curl https://packages.microsoft.com/config/rhel/7/prod.repo > /etc/yum.repos.d/mssql-release.repo
       
    2. yum remove unixODBC-utf16 unixODBC-utf16-devel
       
    3. ACCEPT_EULA=Y yum install msodbcsql17
  1. Before installing ESMC Server on Linux, make sure the system meets all other prerequisites (except the ODBC driver).
     
  2. Download the ESMC Server installation file from the ESET website.
     
  3. Open the Terminal as root, navigate to the folder where you saved the ESMC Server installer and make the file executable:

    chmod +x server-linux-x86_64.sh
     
  4. Run the ESMC Server installer with proper parameters (see example code below).
    Installation parameters

    See all available installation parameters in ESMC Online Help. The code below is an example - substitute highlighted text with your values:

    • Always use --db-type="MS SQL Server"
    • Type the database user username and password as specified step 2 in section Configure MS SQL Server above.
    • In --db-driver= type the ODBC driver name as specified in /etc/odbcinst.ini

    sudo ./server-linux-x86_64.sh \
    --skip-license \
    --db-type="MS SQL Server" \
    --db-driver="ODBC Driver 17 for SQL Server" \
    --db-hostname=10.20.30.40 \
    --db-port=1433 \
    --db-admin-username=user \
    --db-admin-password=pAssword1 \
    --server-root-password=pAssword1 \
    --db-user-username=user \
    --db-user-password=pAssword1 \
    --cert-hostname="10.20.30.50;ubuntu1"

    If the installation stops with an error 'Unknown database driver or data source name' you may need to install a different version of MS ODBC driver.
     
  5. After the successful installation, the ESMC Server installed on Linux is connected to SQL Server database installed on Windows.
     
  6. You can continue with the installation of other ESMC components: Web Console and ESET Management Agent.

 

III. Enable encrypted connection to MS SQL database (optional)

To improve security, enable an encrypted connection between the ESMC Server and the SQL database.

Enable encryption on MS SQL Server:

TLS 1.2 needs to be enabled on a supported MS SQL Server, visit this Microsoft article.

Perform the steps below on the ESMC Server Linux machine:

  1. Open the terminal as root.
     
  2. Stop the eraserver service:

    service eraserver stop
     
  3. Open the StartupConfiguration.ini file:

    nano /etc/opt/eset/RemoteAdministrator/Server/StartupConfiguration.ini
     
  4. Add the following code to the end of the file:

    Encrypt=yes;TrustServerCertificate=yes;

    Below is an example of the StartupConfiguration.ini file (replace the parts highlighted in yellow with your values):

    DatabaseType=MSSQLOdbc
    DatabaseConnectionString=Driver=ODBC Driver 17 for SQL Server;Server=10.20.30.40,1433;Uid=era_user;Pwd={SecretPassword};CharSet=utf8;Database=era_db;Encrypt=yes;TrustServerCertificate=yes;
     
  5. Save the updated file.
     
  6. Start the eraserver service:

  7. service eraserver start
     
  8. If you are able to log in to the ESMC Web Console, the encrypted connection to the database works properly. If you are not able to log in to the ESMC Web Console, revert your changes to the StartupConfiguration.ini file.
English
Español
Last Updated: Nov 23, 2022

Additional resources

User Guides

ESET Forum

YouTube videos

Need further assistance?

Contact ESET Technical Support

More Information

Support News
Customer Advisories