Compliance Sheriff Installation Checklist
- Microsoft Server 2008R2 or Server 2012 OS should be procured with Multiple cores on all servers -- The most important hardware component is number of CPU cores on the servers. The number of cpu cores directly correlates to the number of scans you can run simultaneously. A minimum of 8 CPU cores for the worker\controller server(s) is recommended.
- SQL Server 2008R2 or 2012 (can use SQL express if desired, limit to 10gb db). Named Pipes and TCP\IP need to be enabled for the instance.
- MSMQ feature installed on the Controller\worker server(s).
- IIS with all .net components installed. If installing on a Server 2012 Server, both the “IIS” role and “Application” role needs to be installed, and under the application role we need the “Web Server Support” role installed
- Make sure the Service Account has necessary rights before install. -- Use a domain account for the CS 4.2.x installation if more than one server, and its advised to have local admin rights on the controller and web servers.
- SQL Login – The service account needs to be explicitly added to “Logins” under the sql instance prior to the installation. The user who actually runs the installation file will also need access and enough privilege to create db’s.
- SQL storage location – make sure that the physical paths for the storage of the data and log files exists prior to the installation. For example, E:\Data\ and E:\Logs
- NetBIOS – must be turned on (only for the install), alternatively we can use a command line switch to bypass this need if necessary, we should know ahead of time if both the “Computer Browsing” service and NetBios are running on the server.
- Service account needs Web access on the worker server, and all security effecting IE on that server will affect your ability to scan content from that server.
- PowerShell Policy --- this should be set to “unrestricted” prior to the installation. To do this, open a PowerShell console as an administrator, then type
Set Execution-Policy Unrestricted