Assigning SQL Server roles to the Vault Service account

Article:HOWTO58549  |  Created: 2011-08-01  |  Updated: 2013-07-12  |  Article URL http://www.symantec.com/docs/HOWTO58549
Article Type
How To


Subject


Assigning SQL Server roles to the Vault Service account

The Vault Service account is the account that Enterprise Vault services and tasks use when accessing Enterprise Vault databases. You must assign a number of SQL Server roles to this account to perform various activities with Compliance Accelerator. The two required roles are as follows:

  • dbcreator (database creator). The facility to create configuration and customer databases with Compliance Accelerator is dependent on the Vault Service account having this role.

  • sysadmin (system administrator). Compliance Accelerator provides the facility to create schedules with which you can conduct searches repeatedly or at some future time. These schedules are SQL Server Agent jobs and, by default, Compliance Accelerator assumes that you want to make a user with the sysadmin role the creator and owner of them.

Note:

The dbcreator and sysadmin roles are server-wide roles that may grant more security privileges to the Vault Service account than you are comfortable with. If this is the case, you can give the Vault Service account the minimum required permissions by following the instructions in this article on the Symantec Support website:

http://www.symantec.com/docs/HOWTO80670

Then, after you have installed the Compliance Accelerator client, you must change the value of the security configuration option "Use SQL Server SysAdmin Server Role for Schedules". For instructions on how to do this, see the Administrator's Guide.

To assign SQL Server roles to the Vault Service account

  1. On the SQL Server computer, start SQL Server Management Studio.

  2. In the left pane of the SQL Server Management Studio window, expand the tree to display first the required SQL Server and then the Security folder.

  3. Under the Security folder, double-click Logins to display the users in the right pane.

    How to access the Logins list in SQL Server Management Studio
  4. In the Logins list, right-click the Vault Service account, and then click Properties.

  5. In the Login Properties dialog box, select the Server Roles page.

  6. In the Server roles box, make sure that dbcreator and sysadmin are checked.

    How to grant the dbcreator and sysadmin roles to a user in SQL Server Management Studio
  7. Click OK.

See Security configuration options


Legacy ID



v18588576_v41328187


Article URL http://www.symantec.com/docs/HOWTO58549


Terms of use for this information are found in Legal Notices