How to create SQL database for Citrix?

Anyone know what I need to do allow permissions from one server to another to be able to create a database?  Could someone review this citrix post?
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Aaron TomoskySD-WAN SimplifiedCommented:
if you have sql running on another machine, make sure you enable tcp/ip (in properties put 1433 under the all ip addresses section) in the sql server configuration manager and allow tcp:1433 through the firewall. Then use ssms to make a login with the right permissions.
romatloAuthor Commented:
Thanks for responding!  Sounds like you may be able to help me.  :)

I have firewalls disabled on both server so 1433 should be fine.
I am logged into both servers as domain\administrator.

I installed SQL server 2012 and input domain\administrator to run as the service account.
So SQL server and SQL browser services are running and as domain\administrator.

I made sure that TCP/IP and Named pipes are enabled in sql confguration manager.

I even added the computer account of the Citrix server to the local administrators group on SQL server.

I checked security log and saw a bad login attempt for my citrix server name, but can not even get that anymore.

I also tried running the database script that is generated optionally, but bombs out for me.
I attached it in case it means something...I would rather create the database from citrix server (easier I thought).
Jim P.Commented:
Ok. I'm going to throw out a few things that you should absolutely do. Some are Windows/AD and some are for using Citrix as a web front.

A. Rename the domain\administrator account to anything else. The domain\administrator account never locks out and can be brute attacked to death. Where if you have a normal account as administrator you can set lockouts on it.

B. Never set up a SQL Server to use the domain\administrator account. Never use a SQL Server service account that has domain level admin permissions. Those are both security holes you can drive a truck through.  

C. A regular domain level user account that has local admin to the SQL Server is still a security hole but it is how I do it. Not suggested however.

D: I never used the XenDesktop. The probable answer is to change the SQL Authentication to Mixed Mode I remember the the ancient Citrix service used SQL authentication and not AD/Windows authentication.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Cloud Class® Course: CompTIA Cloud+

The CompTIA Cloud+ Basic training course will teach you about cloud concepts and models, data storage, networking, and network infrastructure.

romatloAuthor Commented:
Thanks again!
I only used domain\administrator as SQL service accounts because I re-installed SQL thinking if I matched everything up to this login, maybe I could create the database from Citrix install (remotely).

Thanks for the useful warnings I would definitely follow in production, this is a lab test environment. :)

I am using mixed mode authentication.

Still not sure what to do, so that this Citix server can create the database remotely.

I will re-install and report back with exact configuration.
romatloAuthor Commented:
Thanks for hanging in there.  :)

Ok, I've reinstalled SQL2012 and attached configuration pics (everything else default).
I am using domain\administrator as an administrator user for now.  Just trying to get some functional test going...

I have the two servers XD7a and SQL2012, both logged in to Windows server as domain\administrator, firewalls disabled (GPO).

What are the next steps to allow XD7a server to create a database on SQL2012?
Enable SQL Browser, enable Named pipes, add XD7a computer account to local administrator group?

This article explains Citrix to database permissions, look at administrator section.  I dont know why mine is not working with domain\administrator.
romatloAuthor Commented:
Ok, I finally got the Database script to work, and database created manually.
But still get an error trying to connect to it!
Since the database is created already, it should be a different permission problem at this point?

I can ping the server, and use a troubelshooting method with telnet to verify that port 1433 is open.  I also enabled SQL Browser service and Named Pipes.  

What else could I be missing?
Aaron TomoskySD-WAN SimplifiedCommented:
Try to use ssms from a different computer to test.
Jim P.Commented:
Have you tried using the SA account and password instead of a domain account?
romatloAuthor Commented:
Wow, the Citrix Studio prompts for server\instance name but it works with the short name.
I was able to connect to it from a different server using ssms and also able to create an ODBC connection.

I think it must be the Citrix studio part or in general.
I think I am moving along now.

Thanks for all your help!!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft SQL Server 2008

From novice to tech pro — start learning today.