Account and Permissions Checklist

During the installation, Cygna Auditor will prompt you to enter account credentials for specific services and applications the product requires access to. Before running the installation, check that these accounts have sufficient rights and permissions.

ACCOUNT	WHAT IS IT USED FOR?	REQUIRED PERMISSIONS
Domain administrator account	Active Directory credentials used to connect to your domain and create an Active Directory object with product configuration. The product stores its configuration in Active Directory forest to ensure the product settings stay in sync across your corporate domain. During the installation, Cygna Auditor will create and start a service.	Domain administrator as it has sufficient permissions to create objects in the Active Directory.
IIS identity account	The account running the IIS can be either LocalSystem or a custom domain account.	A custom domain user account must be a member of the local Administrators group and granted the Log on as a batch job and Log on as a service permissions.
SQL Server account	Account with Windows or SQL Server authentication used to connect to the SQL Server instance. During the installation, Cygna Auditor will create a database on a SQL Server instance you specify or reuse the existing database. This database will be used to store audit data.	New database: The dbcreator server role and the db_datareader and public roles for the master database. Existing database: The db_owner and public roles for the audit database.

ACCOUNT

WHAT IS IT USED FOR?

REQUIRED PERMISSIONS

Domain administrator account

Active Directory credentials used to connect to your domain and create an Active Directory object with product configuration.

The product stores its configuration in Active Directory forest to ensure the product settings stay in sync across your corporate domain.

During the installation, Cygna Auditor will create and start a service.

Domain administrator as it has sufficient permissions to create objects in the Active Directory.

IIS identity account

The account running the IIS can be either LocalSystem or a custom domain account.

A custom domain user account must be a member of the local Administrators group and granted the Log on as a batch job and Log on as a service permissions.

SQL Server account

Account with Windows or SQL Server authentication used to connect to the SQL Server instance.

During the installation, Cygna Auditor will create a database on a SQL Server instance you specify or reuse the existing database. This database will be used to store audit data.

New database:

The dbcreator server role and the db_datareader and public roles for the master database.

Existing database:

The db_owner and public roles for the audit database.