You need to configure the minimum user account privileges necessary for Automation Analytics & Intelligence (AAI) to operate with a database without granting system administrative access․​​​​​​​‍

SYMPTOMS:

• Security policies restrict the use of system admin privileges during day-to-day operations ․

• A second account is required for daily operations after database setup and upgrades ․

• You require the exact SQL statements to create a database user with appropriate permissions ․

   

CONTEXT:
This occurs when preparing to install or configure the application for the first time ․

IMPACT:
Administrators cannot proceed with the installation until security and permission requirements are verified

Automation Analytics & Intelligence (AAI) 24․X

Environment:

• OS: Linux / Windows

• Database: Oracle / MS SQL Server

   

   

The default scripts create a user account with sysadmin privileges, which violates standard security practices for day-to-day operations

1․ CONFIGURE ORACLE DATABASE PERMISSIONS

Path: createDevices․sql

Replace the existing grants in the script with the following statements:

GRANT "CONNECT" TO "AAI" /
ALTER USER "AAI" QUOTA UNLIMITED on AAIDATA /
ALTER USER "AAI" QUOTA UNLIMITED on AAIINDICES /
GRANT CREATE TABLE TO "AAI" /

EXPECTED: The user account is created without granting admin access ․
NOTE: Run the createTables script (createJawsDB․sql) with the new user so the user has all required permissions for the created tables ․

2․ CONFIGURE MS SQL SERVER DATABASE PERMISSIONS

Remove the system admin permissions from the user account ․
Leave the user with Database owner privileges for the application database ․

EXPECTED: The account operates with the minimum privileges necessary for a MS SQL server ․