Database Mapper System Requirements

Update: SentryOne Document is now SolarWinds Database Mapper (DMR). See the Database Mapper product page to learn more about features and licensing. Want to explore Database Mapper? An interactive demo environment is available without any signup requirements.

System Requirements

Compatible Browsers

  • Chrome
  • Edge

Note:  Using an unsupported browser to access Database Mapper prompts an Improve Your Experience message, and asks you to use Chrome or Microsoft Edge for the best experience. Solutions Dashboard Improve Your Experience Pop In encouraging you to use a supported browser.

Database Mapper Software

Note:  Hardware requirements are workload-specific. The specs listed below are the minimum recommended.

If you're using Database Mapper Software (the on-premises, self-hosted version), the hardware requirements are:

  • 2 CPU cores
  • 8+ GB RAM
  • 40+ GB free storage space

Database Mapper Host

To install the Database Mapper Software Host, your machine must have Microsoft .NET Core 3.1 Desktop Runtime (v3.1.19).

Remote Agent

Note:  Hardware requirements are workload-specific. The specs listed below are the minimum recommended.  As agent workloads do not benefit significantly from parallelization, one or two cores for each agent is recommended.

Remote Agent Permissions

Remote Agent Service Account

The remote agent service account must have the following for both Database Mapper Cloud and Database Mapper Software:

  • Log on as a service rights
  • Log on as a batch job rights
  • Write access to the remote agent’s config file located at C:\ProgramData\PragmaticWorks\ServiceCore\SentryOneDocumentRemoteAgentService.{Agent Name}.xml

Additional Information: See the Log on as a service article on Microsoft Docs for instructions.

Multi-Factor Authentication

Using service accounts that require Multi-Factor Authentication (MFA) is not currently supported for connecting the remote agent service to Azure SQL Database targets. It is recommended that generalized service accounts are used for configuring connection credentials rather than accounts that are directly linked to users. For environments that require MFA for Azure Active Directory users, a service account can be excluded from the MFA requirement by using an exclusion for conditional access.

Additional Information: See the Use Azure AD access reviews to manage users excluded from Conditional Access policies article on Microsoft Docs for guidance on how to set up exclusions for MFA.

Remote Agent Hardware

  • Recommend a relatively recent 64-bit processor, 8+ GB of RAM, and 20+ GB free storage space.

Remote Agent Software

  • Windows PC with .NET 4.6.1 installed

Remote Agent Supported Operating Systems

 64-bit (x64) Operating Systems32-bit (x86) Operating Systems
Windows Server 2012Windows Server 2012
Windows Server 2016Windows 8
Windows 8Windows 10
Windows 10

Supported Provider Versions

ProviderSupported Versions
MySQL

MySQL versions 5.6 through 8

Oracle

Oracle versions 12c Release 1 through 21c

PostgreSQL

PostgreSQL versions 9.5 through 13.2

SQL
64-bit Operating Systems32-bit Operating Systems
Microsoft SQL Server 2012 (or later) Shared Management Objects x64 Microsoft SQL Server 2012 (or later) Shared Management Objects x86
Microsoft SQL Server 2012 (or later) Shared Management Objects x86 Microsoft System CLR Types for Microsoft SQL Server 2012 (or later) x86
Microsoft System CLR Types for Microsoft SQL Server 2012 (or later) x64

Note:  Microsoft SQL Server Transact-SQL ScriptDom is included in the Database Mapper installer.

Important:  The SQL Server provider works against SQL Server 2005 and above when connecting to both SQL Server On-Premises and Azure Instances. The SQL Server Provider can collect columns with the Sensitivity Classification in Azure, and SQL Server 2019.

SSAS
64-bit Operating Systems32-bit Operating SystemsSSAS Azure Analysis Services
Microsoft SQL Server 2012 (or later) Analysis Management Objects x64 Microsoft SQL Server 2012 (or later) Analysis Management Objects x86 
  • Microsoft Azure Analysis Services Client Libraries
Microsoft SQL Server 2012 (or later) Analysis Management Objects x86

Important:  The SSAS provider works against SSAS 2005 and above when connecting to Multidimensional Instances and SSAS 2012 and above when connecting to a Tabular Instances.

SSIS

SQL Server Integration Services 2012 or later

SSRS and Power BI Report Server
  • SQL Server Reporting Services (2012 or later)
  • Support provided for the following report locations:
    • File System: SQL Server 2012 or later
    • Native Web Services: SQL Server 2012 or later
    • SharePoint Web Service: SQL Server 2012 or later

Note: 

  • These requirements are for Power BI Report Server. Power BI itself does not have any additional requirements beyond what is required for Database Mapper.
  • KPIs and Mobile Reports are currently not supported when connecting to an SSRS 2016 or above Report Server.
TableauTableau Servers with REST API enabled with the following API Versions: 2.3, 2.2, 2.1 and 2.0.

Unsupported: SQL, SSAS, SSIS, and SSRS versions 2008 R2 and earlier are not officially supported. The providers remain accessible in the software if the prerequisites are met, however, we will not be able to provide support for any issues that are specific to these older releases.

Required Provider Files

Important:  Provider files must be installed on the machine that will run your Database Mapper Remote Agent. For more information about installing the Remote Agent, see the Remote Agent article. 

Note:  Due to legal restrictions, some libraries cannot be redistributed by software providers. Database Mapper does not include the following libraries:

ProviderRequirement
SSAS

You need to install Microsoft ® .NET 4.5 to monitor SSAS 2017.

To connect to Azure Analysis Services, you need to download and install the latest Microsoft Analysis Services Client Libraries.

SSISTo monitor SSIS 2012 or later, you need to install SQL Server Data Tools or Business Intelligence Development Studio.

Note:  You need to select SQL Server Integration Services when installing SQL Server features in Microsoft SQL Server Data Tools.

You need to have any Third-Party Products (Connection Managers, Tasks, Components, etc) that are used within the SSIS Package(s) installed to document your packages.

SSRS and Power BI Report ServerTo monitor SSRS 2012 or later, or to monitor Power BI Report Server, you need to install SQL Server Data Tools or Business Intelligence Development Studio.

Note:  You need to select SQL Server Reporting Services when installing SQL Server features in Microsoft SQL Server Data Tools.

Downloading Provider Files from Microsoft

Note:  These instructions reference an external system from Microsoft and may appear differently than described below.

Download the additional provider requirements by completing the following steps:

1. Navigate to the Microsoft SQL Server 2012 SP4 Feature Pack.

2. Select the following additional files:

  • SharedManagementObjects.msi 6.4mb
  • SharedManagementObjects.msi 7.6mb
  • SQL_AS_AMO.msi 3.6mb
  • SQL_AS_AMO.msi 2.7mb
  • SqlDom.msi 2.4mb
  • SqlDom.msi 2.2mb
  • SQLSysClrTypes.msi 2.1mb
  • SQLSysClrTypes.msi 2.4mb

3. Select Next.SQL Server 2012 SP4 Feature Pack select the download files and then select Next.

4. Select Download to install the selected components.SQL Server 2012 SP4 Feature Pack select download to complete the download.

Success: You have now downloaded the additional provider requirements! Additional files successfully downloaded from MS.

Permissions

It's recommended that the machine running the remote agent has network access and permission to access all the solution items that you want to scan. See the Remote Agents article for additional recommendations about where to install them.

Note:  Database Mapper (the cloud version at document.sentryone.com) uses https://document-api.services.sentryone.com/ as the communication endpoint and port 443 for HTTPS. These will need to be allowed by your firewall.

Technology-Specific Permissions

TechnologyRequired Permissions
Azure Power BI 
  • Content.Create
    • Delegated
    • Create content
  • Dashboard.Read.All
    • Delegated
    •  View all dashboards
  • Dashboard.ReadWrite.All
    • Delegated
    • Read and write all dashboards
  • Dataset.ReadWrite.All
    • Delegated
    • Read and write all datasets
  • Group.Read
    • Delegated
    • View user's groups
  • Report.ReadWrite.All
    • Delegated
    • Read and write all reports
MySQL
  • Requires SELECT permission on mysql.user.
  • Permissions on any tables that will be documented.
  • For triggers to be included, the TRIGGER privilege is required.
  • For the definitions of stored procedures and functions to be included in the documentation, user must be named in the DEFINER clause for the object; or for MySQL prior to version 8, user needs SELECT permission on mysql.proc, or for MySQL version 8 (or later), user needs SHOW_ROUTINE privilege.
    • Note:  If permissions for these are not in effect, but the user has a permission (SELECT, INSERT etc.) on the object, then that object will be in the documentation but the definition section will be missing.

Examples

Setting permissions on a limited user account (to enable configuring a solution item and taking a snapshot):

GRANT SELECT ON mysql.user TO 'MyUserName'@'%';
GRANT SELECT, TRIGGER ON myschema.* TO 'MyUserName'@'%'; -- ALL tables/views

For stored procedures or functions:

 MySQL prior to version 8:

GRANT SELECT ON mysql.proc TO 'MyUserName'@'%';

MySQL version 8 (or later):

GRANT SHOW_ROUTINE ON *.* TO 'lockdownuser'@'%';
Oracle
  • Permissions are required to connect to the database.
  • Permissions are required to access any objects that will be documented.
  • For triggers to be documented, the CREATE ANY TRIGGER privilege is required.
PostgreSQL
  • Requires LOGIN privilege
  • Requires CONNECT privilege to the database
  • Requires permissions on any objects you want to document. 
    • Note:  For triggers to be included, extra privileges on the table other than SELECT alone are required (e.g. INSERT)

Example

Setting permissions on a limited user account (to enable configuring a solution item and taking a snapshot):

ALTER ROLE myusername WITH LOGIN;
					
GRANT CONNECT ON DATABASE mydatabase TO myusername;
				
GRANT SELECT, INSERT ON ALL TABLES IN SCHEMA myschema TO myusername;
SQL Server
  • Definition permissions for any object you want to document
  • Non-sysadmin users must be granted View Server State permissions to view log file objects within the documentation.
SQL Server Analysis Services
  • Multidimensional:
    • Read definition permission on each database object you want to document
  • Tabular:
    • Administrator permission on each database object you want to document
  • Azure Analysis Services
    • Azure Active Directory credentials are required
SQL Server Integration Services
  • SSIS Catalog:
    • Read and Modify permission for each project within the SSISDB you want to analyze
SQL Server Reporting Services
  • Folder Security Settings:
    • Minimum Predefined User Roles required:
      • My Reports
      • Content Manager
    • Minimum Tasks required for a custom User Role:
      • View Reports
      • View Folders
      • View Data Sources
      • View Models
      • Consume Reports
  • Web Service Security Settings:
    • Minimum Predefined System Role required:
      • System User
      • Browser in the report tree
    • Minimum Tasks required for a custom System Role:
      • Execute Report Definitions
Tableau Permissions
  • You must be a part of the Server Administrator role

Accessing Database Mapper Solutions

The following script shows you how to grant the necessary permissions to users so that all server level objects, databases, associated database objects and SQL Server Agent objects can be read. This needs to be executed against any SQL Server that exists as a solution in Database Mapper.

SQL Server

USE [master];
GO
IF NOT EXISTS
(
    SELECT *
    FROM syslogins
    WHERE [name] = 'Domain\Account'
)
CREATE LOGIN [Domain\Account] FROM WINDOWS WITH DEFAULT_DATABASE = [master];

GRANT VIEW SERVER STATE TO [Domain\Account];

GRANT VIEW ANY DEFINITION TO [Domain\Account];

GRANT CONNECT ANY DATABASE TO [Domain\Account];

GO
USE [msdb];
GO
CREATE USER [Domain\Account] FOR LOGIN [Domain\Account];
GO
USE [msdb];
GO
ALTER ROLE [SQLAgentOperatorRole] ADD MEMBER [Domain\Account];
GO

SSIS

If the server hosting the solution also has SSIS and the solution contains SSIS items, then permissions must be granted for the SSISDB in addition to the SQL Server permissions above.

USE [SSISDB];
GO
CREATE USER [Domain\Account] FOR LOGIN [Domain\Account];
GO
USE [SSISDB];
GO
ALTER ROLE [SSIS_Admin] ADD MEMBER [Domain\Account];
GO

BSD 2-Clause "Simplified" License Disclaimer

A component of the Database Mapper remote agent is attributed to MarkDig and licensed with the BSD 2-Clause "Simplified" License.

BSD 2-Clause "Simplified" License text as of November 26, 2019:

Copyright (c) 2018-2019, Alexandre Mutel
All rights reserved.

Redistribution and use in source and binary forms, with or without modification
, are permitted provided that the following conditions are met:

1. Redistributions of source code must retain the above copyright notice, this 
   list of conditions and the following disclaimer.

2. Redistributions in binary form must reproduce the above copyright notice, 
   this list of conditions and the following disclaimer in the documentation 
   and/or other materials provided with the distribution.

THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND 
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 
WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 
DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 
SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER 
CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE 
OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.

See https://github.com/lunet-io/markdig/blob/master/license.txt for current text and additional details.