The embedded database option supplied with IDENTIKEY Server for Windows uses PostgreSQL 8.2. The database server is installed as a Service and a single database created. This database has full Unicode support.
The full PostgreSQL install package is used, so the database administation tools and documentation are available.
The package is installed under the IDENTIKEY Server installation directory.
3.2.1 Service Account
Windows
A local Windows account called dppostgres is created on the installation machine. This account is given privileges to log on as a service and locally. If installed on a domain controller, this account will be a domain account. The privileges to log on locally may be removed manually after installation if preferred, without preventing PostgreSQL from running.
Note
The dppostgres account is not automatically deleted upon uninstallation of PostgreSQL.
The default password for dppostgres is p!ss&0rd. This can be changed using the standard Windows or Active Directory user management interface. If you do this, make sure that the Windows Service Control Manager is configured with the new password. The PostgreSQL service is PostgreSQL Database Server 8.2.
If you have changed the password when you uninstall and reinstall the product, either delete the dppostgres account or change its password back to the default password shown above before installing. Otherwise, re-installation of PostgreSQL will fail.
Linux
During Linux Simple Installation a postgres daemon user account is created, which is assigned the correct permissions to run the PostgreSQL server. The PostgreSQL server is registered as a Linux daemon which runs under the postgres account.
3.2.2 Database Administration Account
A single database administrator account called digipass is created when the embedded database is installed, with password digipassword. It has full administration and access rights to the database.
This account is used by the IDENTIKEY Server to connect to the database. If you use an SQL or database administration tool to connect to the database, you can also use this account.
If you want to change the password, you can do this using the pgAdmin III utility. See 3.2.3 Database Administration below.
3.2.3 Database Administration
Windows
The full set of PostgreSQL administration tools are installed with the embedded database. For a full description, refer to the PostgreSQL documentation that is installed with the product.
The main tool to use is pgAdmin III, which is a graphical administration interface. This can be launched by clicking on the Start Button and selecting Programs -> PostgreSQL 8.2 -> pgAdmin III.
To connect to the database, right-click on the Servers -> PostgreSQL Database Server 8.2 node in the tree pane and select the Connect option. You will be prompted for the password for the DIGIPASS user – the default after installation is digipassword.
After logging in, you can perform a range of database administration tasks. See the online help for more details on what can be done with the utility.
The 6 Backup and Recovery section includes instructions on the pg_dump, pg_restore and vacuumdb utilities.
Linux
For Linux the PostgreSQL command line utilities are installed. For a full description of the command line utilities refer to the PostgreSQL documentation installed with the product.
3.2.3.2 Changing the Digipass User's Password
After logging in as described above, expand the Login Roles node in the tree pane. Right-click on the digipass node underneath and select Properties. Enter the new password, confirm it and click OK.
2. Expand the Login Roles node in the tree pane.
3. Right-click on the digipass node underneath and select Properties.
4. Enter the new Password and confirm it in Password (again).
5. Click on OK.
6. Open the IDENTIKEY Server Configuration utility: click on the Start Button and select Programs -> VASCO -> IDENTIKEY Server -> IDENTIKEY Server Configuration.
7. Click on the Storage section.
8. Click on the Identikey Server row in the ODBC Data Sources list and click the Edit... button.
9. Modify the Password field with the new password and click Test Connection. IDENTIKEY Server Configuration will test that it can connect to the database using the new password and inform you of the result.
10. If connection failed, make sure you have entered the password correctly and try again. If it still fails, cancel out of IDENTIKEY Server Configuration and try repeating the whole procedure from step 1.
11. Click OK.
12. Click OK to exit IDENTIKEY Server Configuration. When prompted to restart the Service, click Yes.
3.2.4 Connection Limitations
The embedded database install leaves PostgreSQL with the default configuration, that connections to the database may only be made on the same machine. If you need to connect from another machine to the database, you need to update the configuration.
In order to allow connection from another machine, you need to modify a PostgreSQL configuration file. Edit the configuration file with a text editor. This file can be found at:
<install directory>\PostgreSQL\data\pg_hba.conf (Windows) /opt/vasco/identikey/usr/local/pgsql/data/pg_hba.conf (Linux)
At the bottom of this file, there is a list of rules for authenticating connections to the database, which by default will be:
Refer to the PostgreSQL documentation for more details. As an example, to permit access from IP address 10.10.1.50 by the DIGIPASS user to the postgres database, add the following line directly below # Ipv4 local connections:
host postgres digipass 10.10.1.50/32 md5