Creating the administrator users and connection in SQL Server for the BIS workspace (Bathymetry Solution)
Creating the administrator geodatabase users
You can choose to add users to an enterprise geodatabase in SQL Server through Microsoft SQL Server Management Studio. The geodatabase users are underlying enterprise database users and store the BIS feature classes and tables. You need to grant the appropriate permissions.
See Adding Windows-authenticated users or groups to a SQL Server database.
See Adding database-authenticated logins to a SQL Server database.
For BIS workspace administrators, the following is suggested:
User Type | Role | SQL Server Permissions |
---|---|---|
Data Creator | CONNECT | CREATE TABLE CREATE VIEW CREATE PROCEDURE |
The following scripts can be used in Microsoft SQL Server Management Studio to create a new database user to store the BIS feature classes and tables, and grant the appropriate permissions.
Copying and pasting the examples may cause syntax errors.
- Create user and schema.
USE BISDB GO EXEC sp_addlogin N'bis', 'bis', @logindb, @loginlang GO CREATE USER [bis] FOR LOGIN [bis] GO CREATE SCHEMA [bis] AUTHORIZATION [bis] GO ALTER USER [bis] WITH DEFAULT_SCHEMA=[bis] GO
- Grant privileges.
USE BISDB GO EXEC sp_droprolemember 'gis_data_creator', 'bis' GO EXEC sp_droprole 'gis_data_creator' GO CREATE ROLE gis_data_creator AUTHORIZATION dbo GO GRANT CREATE TABLE TO gis_data_creator GO GRANT CREATE PROCEDURE TO gis_data_creator GO GRANT CREATE VIEW TO gis_data_creator GO EXEC sp_addrolemember 'gis_data_creator', 'bis' GO
- Verify roles.
EXEC sp_helprolemember 'gis_data_creator' GO
- Verify role permissions.
select dp.NAME AS principal_name, dp.type_desc AS principal_type_desc, o.NAME AS object_name, p.permission_name, p.state_desc AS permission_state_desc from sys.database_permissions p left OUTER JOIN sys.all_objects o on p.major_id = o.OBJECT_ID inner JOIN sys.database_principals dp on p.grantee_principal_id = dp.principal_id where dp.NAME = 'gis_data_creator' GO
- Verify user permissions.
select USER_NAME(p.grantee_principal_id) AS principal_name, dp.type_desc AS principal_type_desc, p.class_desc, OBJECT_NAME(p.major_id) AS object_name, p.permission_name, p.state_desc AS permission_state_desc from sys.database_permissions p inner JOIN sys.database_principals dp on p.grantee_principal_id = dp.principal_id where USER_NAME(p.grantee_principal_id) = 'bis'
- Associate Login bis with User bis.
USE BISDB GO EXEC sp_change_users_login 'update_one','bis','bis' GO EXEC sp_helpuser 'bis'
Creating the administrator database connection
You need to create an administrator database connection when the BIS workspace is stored in an enterprise geodatabase. Create a database connection in ArcCatalog with the BIS user; this will be the BIS workspace location.