Select to view content in your preferred language

What do you name your Geodatabase Administrator account?

597
2
11-21-2023 12:50 PM
JoshBillings
Frequent Contributor

We are migrating our enterprise geodatabases and will be creating a new Geodatabase Administrator account. 

What do you all have your Geodatabase Administrator account named? I'm curious how other organizations handle their naming conventions.

Also, how do you handle Shared User accounts for departments (DEPT1_ADMIN, DEPT2_ADMIN, etc)

2 Replies
MarceloMarques
Esri Regular Contributor

the geodatabase arcsde repository owner is named "SDE" and the data owner users shall have short names that usually describe the schema that the data owner user has, e.g. elec for electric, any other naming conversions can be created as long as the data owner name is short, I'd recommend no more than 10 characters.

For more best practices visit my community.esri.com blog below.

Mapping and Charting Solutions (MCS) Enterprise Databases Best Practices

| Marcelo Marques | Esri Principal Product Engineer | Cloud & Database Administrator | OCP - Oracle Certified Professional | "In 1992, I embarked on my journey with Esri Technology, and since 1997, I have been working with ArcSDE Geodatabases, right from its initial release. Over the past 32 years, my passion for GIS has only grown stronger." | “ I do not fear computers. I fear the lack of them." Isaac Isimov |
VinceAngelo
Esri Esteemed Contributor

Because the admin username if half the authentication pair to obtain administrative access to the server, it's probably not a good idea to publicize what is used currently, or what it might be in the future. 

I suggest using something that makes sense for your organization, with "adm" or "admin" or "root" or "boss" in there somewhere, but going out of your way to not use the admin naming pattern used in training. You should, of course document this adequately, potentially in a locked cabinet to which management has a key, just in case.

The exam writing consultants hate the name "headless user", but I find it, from a security standpoint, better than publishing all data as user "BobJones" since he was the admin eight years (and three admins) ago. The publishing credentials should be closely held as well (and archived in the boss' lockbox), but not as closely as full-on admin privileges.

- V