Decouple SQL Server User & Schema in SDE

HeidiKrueger

SQL Server natively allows multiple users to create data in the same schema, but SDE is lagging behind (it's so SQL 2000). Now that SQL Server uses 4 part naming, we should be able to take advantage of it, so that we don't have to share passwords to the single schema owner login in order to have backup/redundant access to manage critical databases.

JensJensen1 · ‎07-21-2014

I have exactly the same problem.
Best practice is to configure security through AD roles.
If a certain AD role login is mapped to a database user, it is impossible to create feature classes, because the database username does not match the schema (ArcSDE autogenerates a schema that matches the AD username).
This allows us to only have a single user that can create feature classes under a specific schema.

Alternatives would be to use SQL Server authentication, but that is not a best practice. The other alternative is "doing it by the book", but then users will get confused by the AD usernames used as schema name and this is also troublesome when writing scripts or applications.