Live SQL DB Migration to TDE encrypted databases
One of the main uses of TDE is to protect SQL databases with transparent encryption. Make sure to involve a database administrator when protecting SQL Server.
- Make sure the SQL storage location has enough storage (Free space at least = 100% more than the largest database (.mdf) file).
- Install TDE Manager.
- Install TDE Client.
STOP SQL <instructions>
Install TDE client.
Create a smartpoint to the database location on disk.
The SQL Smartpoint must allow these apps encrypt/decrypt permission. Other applications may be necessary depending on the environment.
C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlagent.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\ReportingServicesService.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\msmdsrv.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\AccessToSql.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\DatabaseMail.exe
- C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\SQLMaint.exe
- START SQL