Nov 28 2019
- last edited on
May 24 2021
Trying to install and configure the AIP UL Scanner in preview for a client. However, because of internal security policies, it was not possible to let the Install-AIPScanner cmdlet create the SQL database itself. We had to ask the DBA to create the AIP Scanner DB prior to the Scanner installation.
We followed the instructions found here:
Then I followed the standard AIP Scanner installation and configurations steps. Service was installed (with a SQL error that was expected since it is documented), we also completed the Azure App Registration configuration and ran the Set-AIPAuthentication cmdlet with success.
After starting the AIP scanner service, I was expecting the Scanner to show up in the Azure AIP Scanner Nodes list. It did not.
I then ran Start-AIPScan locally hoping that the service would report itseft to Azure but received the following error:
>> TerminatingError(Start-AIPScan): "Invalid database schema. Run the Update-AIPScanner cmdlet to upgrade your database."
Start-AIPScan : Invalid database schema. Run the Update-AIPScanner cmdlet to upgrade your database.
This was a surprise to me but since this approach (pre-creating the SQL DB) is not so well documented (especially for the UL client in preview), I thought I should try to run the Update-AIPScanner cmdlet and see how it goes from there. The result was not better. Here's the error I got:
>> TerminatingError(Update-AIPScanner): "An error occurred during deployment plan generation. Deployment cannot continue."
Update-AIPScanner : An error occurred during deployment plan generation. Deployment cannot continue.
I did search the web for these errors and cannot find anything at all.
Would anybody have an idea of what I'm doing wrong? Anybody that pre-created the SQL DB before running the AIPScanner UL client installation?
Aug 31 2023 11:56 AM
Aug 31 2023 12:12 PM
Thanks, Fahad for the link. Here is my error message screenshot. Sorry, I have not attached it before.
Sep 01 2023 05:13 AM
Sep 01 2023 06:35 AM
Yes, the scanner account is the local admin on the server (2022), and sysadmin privileges have been assigned to the account on the SQL server. However, I'm using "Windows authentication" on the SQL if that helps @folucian