What are the Database Roles used by CA Service Desk Manager on the MDB database?
All tables in the mdb database are owned by mdbadmin, so specific access is granted as follows.
Ams_group | Group to allow Read only access to tables required by the Asset Viewer |
db_ddladmin | Needed during the initial install of Service Desk and ongoing for schema modifications (adding columns, tables, etc). |
db_securityadmin | Needed during the initial install of Service Desk. |
Public | Every database user belongs to the public database role. |
Regadmin | Group to allow update authority to Asset Registration tables required by CORA API |
service_desk_admin_group | Group to allow update authority to all tables owned by Service Desk. |
service_desk_ro_group | Group that can be used to grant Read Only access to Service Desk table for reporting purposes. |
Usmgroup | Group required to grant access to CA IT Client Manager tables |
Workflow_admin_group | Group required to grant access to CA Catalog tables |
The default database userid is the one entered when CA Service Desk Manager Configuration was run and is the user specified in the NX_ROOT\NX.env file under the variable NX_DB_USERID.
For example:
@NX_DB_USERID=mdbadmin
At the following links you will find further information about the MS SQLServer’s roles assigned to mdbadmin user.
Microsoft information on 'db_ddladmin':
https://msdn.microsoft.com/en-US/library/ms190667.aspx
Microsoft information on 'db_securityadmin':
https://msdn.microsoft.com/en-us/library/ms188685.aspx
Microsoft information on 'db_owner':
https://msdn.microsoft.com/en-US/library/ms180977.aspx