Highlighted
Occasional contributor

is the CLR integration feature required after the creation of the databases?

Jump to solution
I have found the following information about CLR from the installation guide:
 
"By default the CLR integration feature is disabled and must be enabled by the DB system
administrator before database creation and installation. CLR is disabled by default to increase
security in shared hosting contexts. However, in this context, Flexera is a known vendor supplying trusted code for an environment fully controlled by your administrators. Flexera warrants that the CLR DLL signed by Flexera does not attempt to elevate privileges or behave maliciously."
0 Kudos
1 Solution

Accepted Solutions
Highlighted
Flexera
Flexera

Re: is the CLR integration feature required after the creation of the databases?

Jump to solution

@juanr1vargas - Yes, the SQL Server CLR option is required by FlexNet Manager to operate.  If you disable CLR, FlexNet Manager will not run.

View solution in original post

3 Replies
Highlighted
Flexera
Flexera

Re: is the CLR integration feature required after the creation of the databases?

Jump to solution

@juanr1vargas - Yes, the SQL Server CLR option is required by FlexNet Manager to operate.  If you disable CLR, FlexNet Manager will not run.

View solution in original post

Highlighted
Occasional contributor

Re: is the CLR integration feature required after the creation of the databases?

Jump to solution

Thank you @kclausen 

0 Kudos
Highlighted
Community Manager Community Manager
Community Manager

Re: is the CLR integration feature required after the creation of the databases?

Jump to solution

Here is some more information about the use of the SQL Server CLR feature by FlexNet Manager Suite On-premises.

FlexNet Manager Suite uses a signed CLR assembly with the SAFE permission set. As described at CLR Integration Code Access Security, assemblies with a SAFE permission set are restricted so that:

"Only internal computation and local data access are allowed. SAFE is the most restrictive permission set. Code executed by an assembly with SAFE permissions cannot access external system resources such as files, the network, environment variables, or the registry." 

On Microsoft SQL Server 2017 and later, configuration to allow this assembly to be created and executed is typically done with a special SQL Server login created from the appropriate certificate provided by Flexera, and having UNSAFE ASSEMBLY rights granted to the login. Alternative supported (but not recommended) configurations are to set the TRUSTWORTHY database property to “ON” for the compliance database, or to disable CLR strict security.

The SQL Server CLR feature is used by FlexNet Manager Suite to efficiently perform various functions in the database related to data filtering for different users based on the access rights they have been granted through their role memberships.

(Anything expressed here is my own view and not necessarily that of my employer, Flexera. If my reply answers a question you have raised, please click "ACCEPT AS SOLUTION".)
0 Kudos