Changing account used to log audit history

By default Audit History enables the guest account in the iBase log database. However, you can disable the guest account, and use an alternative SQL Server user for logging Audit History information to the log database.

Before you begin

Attention: These steps are not reversible. After the guest account is disabled, you cannot enable it again.

The SQL User that you use to replace the guest account must be associated with a login that also has a corresponding account in the iBase log database. It needs appropriate permissions in each database.

To create an account to replace the guest account, create a login that is associated with a user in the iBase main database and the iBase log database.

The following database roles are needed:

The iBase main database user must be a db_datareader.
The iBase log database user must a db_datawriter.

Procedure

To disable the guest account and use an alternative SQL Server user account:

Display the Configure Audit History by clicking Database Properties>Configure.
Connect to the SQL Server as a user with system administrative permissions. Select Use specific SQL Server account.
Select an Authentication type:
- Windows authentication. Your Windows user account must have the system administrator permissions.
- SQL Server authentication. You must enter an SQL Server login, and password, that has system administrator permissions.
Note: You can use either method of connecting to the server, regardless of the security method that is used in the iBase connection file.
Click Connect.
In Audit history logging account, select an SQL Server user to replace the guest account.
In Authentication with iBase Log Database, enter a certificate password to be used by the SQL Server to:
- Create the certificate.
- Back up the certificate (the password is required to restore the certificate from the backup).
- Provide the security context for logging audit history.
Click OK.