Creating a project using Windows Authentication for SQL Server

<< Click to Display Table of Contents >>

Navigation:  Bizagi Studio > Bizagi Projects > Creating a new project >

Creating a project using Windows Authentication for SQL Server

Overview

This article serves as a guide to create a Bizagi project using Windows Authentication for the SQL Server instance.

If you use SQL Server Authentication, refer to Create a new project.

 

Prerequisites

To create a Bizagi project in an SQL Sever database using Windows Authentication, you will need to first make sure that the Windows account appointed to create the project, is configured as a Login in your SQL Server instance.

Make sure that it is granted with the adequate permissions: GRANT CONNECT, GRANT BACKUP DATABASE, and GRANT CREATE DATABASE.

 

Change_BSSOS_00

 

Furthermore, the user must have the server roles dbcreator, public and sysdamin.

 

Change_BSSOS_05

 

For more information about how to grant these permissions, please refer SQL Server official documentation.

 

Before you start

Before you proceed with Bizagi Studio, modify the account employed at the Bizagi Standard Server Operation Service's configuration.

Follow the next steps to change the default account (appointed during installation).

 

1. Open Windows Services console by using Run option and typing services.msc

 

Change_BSSOS_01

 

2. Locate Bizagi Standard Server Operation Service and right-click it. Then, select Properties.

 

Change_BSSOS_02

 

3. Go to Log On tab.

Select This account option and type the Windows account and password who is going to create the project.

 

Change_BSSOS_03

 

Click OK to apply the changes.

 

4. Restart the service in order to enable the changes

 

Change_BSSOS_04

 

What you need to do

To create an project, and make sure all project components are configured adequately to support Windows authentication-based connectivity to the database. Follow these steps:

 

1. Creating the project.

At this point you can create new projects in Bizagi that use Windows authentication to connect to the database.

 

2. Configuring the Scheduler service.

By default, Bizagi creates a Windows Service called BizAgi[Project_Name]SchedulerService using SYSTEM as the account to Log on. Given that this account does not have access to your database, change the default account.

 

3. Configuring the IIS application pool.

If you have the intention to use IIS Express, this step is not necessary. Otherwise, change the default account set for the application pool of your Project's Work portal.

 

Procedure

 

1. Creating the project

1.1. Use the New project option in Bizagi.

You can click directly in the New shortcut, right when Bizagi Studio is opened:

 

New_oracle_BAS1

 

note_pin

Keep in mind that in order to create a project, your account needs to belong to both the local Bizagi and the Administrators group (where Bizagi Studio is installed).

 

In order to check if your user is added to both groups, follow these steps:

open the Edit Local Users and Groups utility on Windows.

Click the Groups option.

oFind the Administrators Group and make sure your user is included. If it is not add it by clicking the Add option and entering your user (as it is shown in the image below).

oFind the Bizagi Group and make sure that your user is included. If it is not add it by clicking on the Add option and entering your user (as shown in the image below).

 

WorkingRemote02_BizagiGroup

Checking if the user is part of Bizagi Group

 

WorkingRemote02_BizagiGroup_new

Checking if the user is part of Administrators group

 

If your account does not have such rights, you will be prompted to enter authorized credentials:

 

AuthorizedCredentials_dialog

 

1.2. Enter details of your project.

Make sure you give your project a name and define its location.

Then, mark the Advanced database configuration checkbox:

 

Create_newprojectOracle

 

Click Next.

 

1.3. Configure Bizagi database.

Select the option Windows Authentication.

 

Create_newproject_DB_WA

 

Click Next.

Bizagi will start to create the project. This may take a few minutes:

 

CreatingProject

 

Once the project has been created, Bizagi Studio prompts you about perform some manual procedures to make sure Bizagi behaves normally. The link displayed in the information message redirects to this article.

Click OK and Bizagi Studio will automatically open the project and you can proceed with the next steps.

 

Create_newproject_DB_WA_01

 

2. Configuring the Scheduler service

2.1. Open Windows Services console as mentioned before.

 

2.2. Locate the Service called BizAgi[Project_Name]SchedulerService and right-click it. Then, select Properties.

 

Create_newproject_DB_WA_02

 

2.3. Go to Log On tab.

Select This account option and type the Windows account and password used to create the project.

 

Create_newproject_DB_WA_03

 

Click OK to apply the changes.

 

2.4. Start or Restart the service in order to enable the changes

 

Create_newproject_DB_WA_04

 

3. Configuring the IIS application pool

1. Reconfigure the Work portal by using the Internet Information Services Manager.

To do this, you can use the Run option. Type: inetmgr

 

Create_newproject_DB_WA_05

 

2. Select Application Pools and select Bizagi X-Bit ASP.NET v4.0. Then, click Advanced Settings.

 

Create_newproject_DB_WA_06

 

3. Locate Identity and edit its value by clicking the three dot button.

 

Create_newproject_DB_WA_07

 

4. Select Custom account and click Set.

 

Create_newproject_DB_WA_08

 

5. Type the Windows account and password used to create the project.

 

Create_newproject_DB_WA_09

 

Finally, restart your Internet Information Services.

 

At this point, you are ready to get started automating your processes.

 

Considerations

Take into account the following considerations when using Bizagi Studio with Windows Authentication as SQL Server Authentication mode:

 

If your account password changes anytime, you must update it following the last two steps.  

You cannot create more than one project using different Windows accounts.