References > Administration and settings > Create database backups > Database authentication

Prepare the SolarWinds Orion database server

The SolarWinds Orion database stores all monitoring data. Before you install and configure your Orion Platform product, make sure that the SQL server supports the database authentication type you want to use, and that the user account is a member of the appropriate server role.

Set the recovery model of the database to Simple. SolarWinds does not support other methods.

Database authentication

The selected SQL Server instance must support mixed‑mode or SQL authentication with strong passwords.

You must select the authentication method used by the SolarWinds Orion user to access the database.

SolarWinds recommends the SQL Server Authentication to ensure the SolarWinds Orion server can always access the SolarWinds Orion database, even when hosted remotely on a separate server.

Strong passwords

A strong password must meet at least three of the following criteria:

  • Contains at least one uppercase letter.
  • Contains at least one lowercase letter.
  • Contains at least one number.
  • Contains at least one non-alphanumeric character, for example: #, %, or ^.

    See Authentication Mode (SQL Server Express) on the Microsoft Developer Network for more information about strong passwords.

If you are using a MS SQL Express, specify your instance as (local) and use a strong password.
SolarWinds recommends that you do not use MS SQL Express in production environments.

Server roles required for user accounts

The user account used to access the database must be a member of the appropriate server role. The role depends on whether you use an existing SQL database and user account, or a new database, or a new SQL user account.

Option Role Requirements for the user account
Create a new database.

The user account must be a member of dbcreator server role.

You can use the sysadmin role and the SA user account because they are always members of dbcreator.

Create a new SQL account. The user account must be a member of the securityadmin server role.

You can use the sysadmin role and the SA user account because they are always members of securityadmin.

Use an existing database and an existing SQL account. The user account needs only to be in the db_owner database role.