How to Configure ACS Database for 2 ACS Collectors and Windows Authentication
Overview
Beginning with OpsMgr 2007 SP1, one could install ACS backend with two ACS collectors that write security events to ACS database in an active/passive manner. This capability is still available for ACS in OM 2012 but still forces one to configure the security on the SQL database to be SQL Authentication which isn't as secure as Windows Authentication. Furthermore, it is a bit more involved to configure in a secure manner where SSL/certs are leveraged to secure communications to the SQL database. That said, the instructions in this video should enable one to configure the SQL database with Windows Authentication instead. The target environment scenario is described here.
Prerequisites
Before proceeding, the following prerequisites should have been addressed already:
- OM infrastructure implemented
- MS role installed on the 2 Windows Servers that will be the ACS collectors
- SQL 2012 database implemented (clustered for continuous availability if possible)
- 2 Windows Servers' computer accounts added to a domain security group (such as CONTOSO\ACS-SERVERS)
Implementation
Download the attached PS scripts and follow the steps in this video: