Using AWS RDS SQL Server

Using AWS RDS SQL Server

  
Hi,

We're trying to install the Agile Platform with the RDS SQL Server but we're facing some problems.

Why does the configuration tool needs a System Administrator user (to access SQL Server)? Amazon "only" gives us a db_owner one.

Note: Last year we successfully installed the Agile Platform with Oracle RDS.

Thanks in avance,
Francisco Silva
LxIS


Hi Francisco,

The configuration tool requires SA mainly to be able to create the logins for the users and the database itself if necessary.
It was always necessay to have a SA user for configuration tool, but I think back in 6.0.1 we changed the way we check if the user is SA because the previous method did not work correctly with all users (for example with an Integrated Authentication user or if the permissions were given by a group).

Can you login with the user you have and run these 2 queries?

SELECT current_user;
EXEC sp_helpsrvrolemember 'sysadmin';

Regards,
João Rosado
Hi Francisco,
Unfortunately that is currently a limitation on the .Net stack over SQL Server. We do have it in our roadmap, but no defined date for it yet. On Oracle that is indeed already possible. I'll let you know as soon as we release support for it.
Thanks
Hi,

Thanks for your anwsers.

Can you tell me what's the limitation? What if i use the same user for all the roles?
Basically the Configuration Tool uses the SA user to create the database, required users, roles and the ASP State session database.

If you can create all this in a manner similar to what Configuration Tool, you might get away with not having an SA user (one of the ways you can do this is by installing the Agile Platform on premise, creating a database clone, and migrating your environment).

However, Agile Platform revision updates and version upgrades will require you to recreate at least the Agile Platform session database, and sometimes might also require you to press the "Grant Privileges" button which requires an SA user. This means that in some situations you may not be able to take advantage of all corrections done in an Agile Platform update, which is not recommended.

Using the same user for all roles, specially if it has elevated privileges, is NOT recommended. This situation will give too many privileges to your runtime user and is a serious security risk in your applications.