[KB7812] Install ESET PROTECT On-Prem on Linux and connect it to Microsoft SQL Server on Windows

Issue

• Install ESET PROTECT Server on Linux and connect it to your Microsoft SQL database installed on a Windows Server

Solution

Prerequisites

• A supported version of Microsoft SQL Server is installed on a Windows machine. For the list of supported versions, see ESET PROTECT On-Prem Database Requirement help topic.

1. Configure Microsoft SQL Server
2. Install ESET PROTECT Server on Linux and connect it to the Microsoft SQL Server database installed on Windows
3. Enable an encrypted connection to Microsoft SQL database (optional)

I. Configure Microsoft SQL Server

1. Allow TCP/IP connections to the SQL database on port 1433, as described here.

2. Create a database and database user that you will use to access the database.

II. Install ESET PROTECT Server on Linux and connect it to the Microsoft SQL Server database installed on Windows

1. Open the Terminal as root and run the code below (line by line) to install the Microsoft ODBC driver for Linux:
   

   Supported Microsoft ODBC versions

   Version 11 and later of the Microsoft ODBC driver are supported. We recommend that you use the latest version 18.

   The example below shows how to install the ODBC driver version 18 on supported versions of Ubuntu, Debian, Red Hat Enterprise Linux, or Rocky Linux. See the installation instructions for different Microsoft ODBC driver versions and different Linux distributions and versions on this Microsoft page.

   Ubuntu:

   # Download the package to configure the Microsoft repo
   curl -sSL -O https://packages.microsoft.com/config/ubuntu/$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2)/packages-microsoft-prod.deb
   
   # Install the package
   sudo dpkg -i packages-microsoft-prod.deb
   
   # Delete the file
   rm packages-microsoft-prod.deb
   
   # Install the driver
   sudo apt-get update
   sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18

   Debian:

   # Download the package to configure the Microsoft repo
   curl -sSL -O https://packages.microsoft.com/config/debian/$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2 | cut -d '.' -f 1)/packages-microsoft-prod.deb
   
   # Install the package
   sudo dpkg -i packages-microsoft-prod.deb
   
   # Delete the file
   rm packages-microsoft-prod.deb
   
   # Install the driver
   sudo apt-get update
   sudo ACCEPT_EULA=Y apt-get install -y msodbcsql18

   Red Hat Enterprise Linux and Rocky Linux:

   # Download the package to configure the Microsoft repo
   curl -sSL -O https://packages.microsoft.com/config/rhel/$(grep VERSION_ID /etc/os-release | cut -d '"' -f 2 | cut -d '.' -f 1)/packages-microsoft-prod.rpm
   
   # Install the package
   sudo yum install packages-microsoft-prod.rpm
   
   # Delete the file
   rm packages-microsoft-prod.rpm
   
   # To avoid conflicts
   sudo yum remove unixODBC-utf16 unixODBC-utf16-devel 
   
   # Install ODBC 18
   sudo ACCEPT_EULA=Y yum install -y msodbcsql18

2. Before installing ESET PROTECT Server on Linux, verify the system meets all other prerequisites (except the ODBC driver installed in the previous step).

3. Download the ESET PROTECT Server installation file from the ESET website or use the command below.

   wget https://download.eset.com/com/eset/apps/business/era/server/linux/latest/server_linux_x86_64.sh

4. Open the Terminal as root, navigate to the folder where you saved the ESET PROTECT Server installer and make the file executable.
   
   

   chmod +x server_linux_x86_64.sh

5. Run the ESET PROTECT Server installer with the correct parameters.
   

   Installation parameters

   See all available installation parameters in ESET PROTECT Online Help. The code below is an example; substitute your values for all parameters below db-driver:

   • Always use --db-type="MS SQL Server"
   • Type the database user username and password as specified in step 2 in the section Configure Microsoft SQL Server.
   • In --db-driver= Type the ODBC driver name as specified in /etc/odbcinst.ini

   sudo ./server_linux_x86_64.sh \
   --skip-license \
   --db-type="MS SQL Server" \
   --db-driver="ODBC Driver 18 for SQL Server" \
   --db-hostname=localhost \
   --db-port=3306 \
   --db-admin-username=root \
   --db-admin-password=password \
   --server-root-password=password \
   --db-user-username=root \
   --db-user-password=password \
   --cert-hostname="hostname, IP, FQDN"

   Installation errors

   If the installation stops with the error Unknown database driver or data source name, you may need to install a different version of the Microsoft ODBC driver.

   For other installation errors, see Common installation issues for ESET PROTECT Server Online Help topic.

6. After the successful installation, the ESET PROTECT Server installed on Linux is connected to the SQL Server database installed on Windows.
7. You can continue with other ESET PROTECT installation components: Web Console and ESET Management Agent.

III. Enable an encrypted connection to Microsoft SQL database (optional)

To improve security, ensure an encrypted connection is enabled between the ESET PROTECT Server and the SQL database.

Perform the steps below on the ESET PROTECT Server Linux machine:

1. Open the terminal as root.

2. Stop the eraserver service:
   
   

   service eraserver stop

3. Open the StartupConfiguration.ini file:
   
   

   nano /etc/opt/eset/RemoteAdministrator/Server/StartupConfiguration.ini

4. Add the following code to the end of the file:
   
   

   Encrypt=yes;TrustServerCertificate=yes;

5. Save the updated file.

6. Start the eraserver service.
   
   

   service eraserver start

7. If you can log in to the ESET PROTECT Web Console, the encrypted connection to the database works properly. If you are not able to log in to the ESET PROTECT Web Console, revert your changes to the StartupConfiguration.ini file.