What privilege is given to the SDE user that allows them to bypass when a database isn't accepting connections

1052
4
Jump to solution
03-01-2017 05:13 AM
deleted-user-t3dSviijg-m9
Occasional Contributor

Hi everyone, 

I'm trying to figure out what privileges (we are using SQL), is assigned to the SDE user that allows them to bypass when a database isn't accepting connections? 

We have a "headless" data owner, and I would like to assign the same privilege to them so that when I am running nightly scripts and have to index and analyze datasets, I don't have to keep dropping the owner connection to index system tables, then allowing connections so the owner can rebuild indexes on all the actual data tables and delta tables.

Is it because SDE is a member of the processsadmin fixed server role and granted VIEW DEFINITION on the database? 

Is that what the data owner should be a member of? We only use the data owner account strictly for owning data. We do not use the owner account, or the SDE for anything related to publishing services, so no web services will constantly be pinging the database when I'm trying to perform maintenance. 

Thanks!

0 Kudos
1 Solution

Accepted Solutions
JakeSkinner
Esri Esteemed Contributor

Hi Nick,

If you apply the db_owner database role to the user, they will be able to connect when the database is not accepting connections.

View solution in original post

4 Replies
JakeSkinner
Esri Esteemed Contributor

Hi Nick,

If you apply the db_owner database role to the user, they will be able to connect when the database is not accepting connections.

deleted-user-t3dSviijg-m9
Occasional Contributor

Thanks Jake. I noticed our SDE user is not a db_owner role, and it still has the ability to connect even if connections are disabled. Could this be from the ProccessAdmin fixed role, with View Definition granted? 

0 Kudos
JakeSkinner
Esri Esteemed Contributor

No, I believe this is due to some other components, possibly stored procedures, that allow the SDE user to connect if your repository is owned by SDE.  If you repository is owned by SDE this means that there is a user called SDE that is a geodatabase administrator.

deleted-user-t3dSviijg-m9
Occasional Contributor

Okay makes sense... I will get with our DBA and see about getting our data owner added to db_owner role

0 Kudos