Community

SDE Connections and Locks

512
1
02-24-2014 05:24 AM
bartbart
by
New Contributor
‎02-24-2014 05:24 AM
We have an 10.1 SDE setup with SQL Server.
It has been setup with Database Authentication Type.
All ArcGIS users access the database through this connection.

All database feature class locks show up as being in use by this master connection user, (not the actual user who is accessing it).

We have some people telling us this is best practice and others saying this is a security concern as everyone has the same permissions and there is no way to see who is accessing what.

We need to be able to see sde locks by user, and also need to be able to setup sde groups and user based permissions to feature classes.

Can anyone offer advice?

Thanks.
0 Kudos
1 Reply
VinceAngelo
by Esri Esteemed Contributor
Esri Esteemed Contributor
‎02-24-2014 05:49 AM
While common, it is far from best practice to have all users connect as a single login.

In fact, best practice involves using one or more "ownership" accounts to own institutional
table resources (feature datasets), using individual user logins to access the geodatabase,
and making use of roles to assign access to tables by users.  Not only does this practice
reduce contention to shared resources, it also helps identify who is acessing what, and when.

Note that the RDBMS implements the security model, not ArcSDE (there is no such thing as
an "sde group").  This is just proper use of the RDBMS' own security model.

- V
0 Kudos