ESET Security for Microsoft SharePoint – Table of Contents

SharePoint Integration

Copy current article URL Share via email

This article (PDF) Whole documentation (PDF)

Use direct SQL database access

ESET Security for Microsoft SharePoint uses the SharePoint object model for all database operations (read and write) by default. Enable the Use direct SQL database access setting to allow ESET Security for Microsoft SharePoint read-only access to read data directly from the SQL Server (SharePoint Content databases). Direct database access has several advantages over the SharePoint object model. Direct database access is faster, performs better, and uses fewer system resources. It is used for all read operations, while all write operations (Clean, Delete, etc.) are executed via the SharePoint object model.

Both access models (direct database and the SharePoint object) support parallel threads. You can configure parallelism by specifying Number of concurrent downloads in the SharePoint database scan.

This account must have SharePoint Farm Administrator privileges to access website collections for scanning and "Log on as service" privileges. If SharePoint is configured to connect to the database using Windows authentication, this account must also be a member of the SQL Sysadmin role on the database server.

We recommend that you use the Farm Administrator account created during SharePoint installation. If you do not type valid login credentials, ESET Security for Microsoft SharePoint will not be functional after the installation. If the installation is performed without GUI, type the SharePoint administrator account via the GUI or PowerShell 7 afterward; otherwise, the product will not work. Ensure to update the ESET Security for Microsoft SharePoint SharePoint service credentials whenever your SharePoint Farm Administrator password changes.

In an ESET PROTECT managed environment, you can use a Client Task called Run Command to execute eShell commands. Having ESET PROTECT in a managed environment is useful for a large farm with many SharePoint instances or if you want to supply credentials remotely whenever the SharePoint Farm Administrator password changes. When creating a new ESET PROTECT Client Task, specify the Command line to run:

PowerShell Set-Service -Name eShpSvc -Credential $credential -Status Running

Where $credential is System.Management.Automation.PSCredential type. See Microsoft's article for further details on creating credential object. This command will update the ESET Security for Microsoft SharePoint service and enable it to access your SharePoint infrastructure.

Ensure that you use PowerShell version 7.0 or later.

eShell can securely configure credentials for SharePoint integration.

Use eShell to set the SharePoint farm administrator account credentials. First, you need to retrieve and export or store the credentials using PowerShell, then run the eShell command to read and apply these credentials, allowing for ESET Security for Microsoft SharePoint integration with SharePoint. To retrieve and set the credentials, choose one of the two methods: PSCredential object and XML file or Credential Manager and Windows Vault. Ensure that you use PowerShell version 3.0 or later for each method.

Method 1 (PSCredential object and XML file)

1.Export PSCredential object to XML file using Export-Clixml PowerShell cmdlet by running the following two commands in PowerShell:

$Credentials = Get-Credential

$Credentials | Export-Clixml -Path "C:\FarmAdminCredentials.xml"

2.Open eShell and run the following command to set the credentials from the XML file:

set sharepoint integration farm-password pscredential "C:\FarmAdminCredentials.xml"

3.Remove the XML file by running the PowerShell command:

Remove-Item "C:\FarmAdminCredentials.xml"

Method 2 (Credential Manager and Windows Vault)

1.Install third-party PowerShell module CredentialManager from PSGallery (there is no standard) by running the following command in PowerShell:

Install-Module -Name CredentialManager

2.Store credentials from the PSCredential object into Windows Vault by running the following two commands in PowerShell.

$Credentials = Get-Credential

New-StoredCredential -Credentials $Credentials -Target "FarmAdminCredentials"

4.Open eShell and run the following command to set the credentials from the Windows Vault:

set sharepoint integration farm-password winvault "FarmAdminCredentials"

5.Remove stored credentials target from the Windows Vault by running the PowerShell command:

Remove-StoredCredential -Target "FarmAdminCredentials"

Even if you do not have a large SharePoint farm, you can use the eShell command (see above) to populate the credentials of the SharePoint farm administrator account. Alternatively, you can do it while upgrading to the latest version rather than manually entering the Username and Password.

To ensure continuous protection, you must update SharePoint administrator account credentials whenever they change. If the credentials entered here do not match the SharePoint administrator account, ESET Security for Microsoft SharePoint will not function properly and will not provide maximum protection.

˄˅