Documentation Center

Creating databases for Content Manager security

To implement security for Content Manager clients, you need to create three additional databases.

Databases

The following table describes the databases and their functions:
FeatureDescription
Tridion Access ManagementTridion Access Management (or simplyAccess Management) provides implementors with a simplified approach to identity management and gives administrators a central location for ongoing management of access to applications.

Backend for frontend

Backend for frontend, or BFF, refers to an architectural pattern that uses a middle layer between the frontend clients and the backend. BFF also refers to the layer itself and each client has a dedicated BFF. A single BFF database is used for the various BFFs.
Tridion Docs Identity ProviderTridion Docs provides the Tridion Docs Identity Provider as a sample identity provider that OpenID Connect protocol and makes it easy to get started with Access Management.

Database server requirements

The Content Manager databases can reside on either an Microsoft SQL Server or Oracle RDBMs database server. Your database server must be installed with the approved version of database software before beginning with these procedures.

To complete this task, you need access to a database server machine that runs a supported database version. Database support is the same as for Content Manager.

PowerShell script requirements

To create these databases, you run PowerShell database scripts, which require a machine that meets the following requirements:
PowerShell
You require Microsoft Windows PowerShell 5.1. You can download Microsoft Windows Management Framework 5.1, which includes Microsoft Windows PowerShell 5.1, from this location: http://aka.ms/wmf5download
Operating system
You require an operating system that supports both the required PowerShell software and any software for the database you intend to install. As a general rule, ensure that the latest (security) updates are installed on your operating system.
Database client software
For Oracle databases, you require both of the following:
  • Oracle Services for Microsoft Transaction Server (ORAMTS)
  • Oracle Data Provider for .NET (ODP.NET)
For maintenance, configuration and debugging purposes, RWS recommends that you also install the Oracle SQL Developer PL/SQL IDE (or SQL*Plus) and Oracle Net.
Environment variables
For Oracle databases where you have defined a Net Service Name for each database in a tnsnames.ora file, you must also have defined a TNS_ADMIN environment variable. Set it to the directory where tnsnames.ora resides.
Microsoft .NET Framework
You require a .NET Framework version. The one to use depends on your Windows Server operating system version:
Security
You need to be logged in as a user with sufficient security clearance. For example, to run a script that installs a database, you must be logged in as a user with rights to create that database.