Attempting to get some attention on this question, we are in exactly the same situation here. Our SQL Express database only has one account accessing it, a local service account with a system-generated password that is unknown to us. The people administering our TMG are telling us that they are unable to create an account on the database for the purpose of SIEM access.
Please help, thanks!
I am currently working with Microsoft to better understand the how to get access to the SQL express database. So far they are saying that all that is needed is a user that has Admin access to the box and it should work. It is not working for us, so I am seeing if there is anohter way to test connections to the SQL Express database besides the test connectionwihtin ESM.
I was able to talk to Microsoft, and came to a solution.
If someone is trying to connect via a SQL ExpressDatabase, they must use the database instance. The instance name is <SERVERNAME>\MSFW. Any user that has access to this system should have access to the database instance.The gotchya is on the TMG. If there isn't one, you will have to create a rule on the TMG to allow a connection over 1433 to the local host from the receiver.
To test this, take these steps:
1. Log onto the TMG
2. Create a Client IP filter rule for your reciever.
3. Start the query
4. From the ESM console, click connect to test the connection.
5. From the TMG console, you should see either denied or allowed traffic.
Hope this helps you too hainesr.
We will give it a try, thanks. One quick question - on our end the people configuring our TMG are having trouble setting up additional users on the TMG itself. For the account the Receiver is going to use - did you create it as a local or domain account?
I just used my account credentials. So to answer your question, we are using a domain account. I'm sure using my credentials is a temporary thing.