Database user rights
Snow Inventory Server 5 and 6, and Snow License Manager 8 and 9
2023-03-14
User rights for installation of Snow Inventory Server and Snow License Manager
For the installation of Snow Inventory Server, there are two alternatives; the SnowInventory database can either be created before the installation or during the installation. If the database is created in advance, an SQL account with db_owner privileges can be used to populate the database schema during the installation process. If the database is created during the installation process, an SQL account with sysadmin privileges (or other database-creating rights) is required for the installation. After the installation process is completed, this SQL account will be used for all Snow Inventory operations. It is therefore recommended to downgrade the privileges of the account to a db_owner level.
The installation of Snow License Manager requires the use of an SQL account with sysadmin privileges to create the SnowLicenseManager database and the LicenseManagerUser service account. After the installation process is completed, this SQL account can be demoted or deleted, since it is the LicenseManagerUser service account that will be used for all Snow License Manager operations.
The same SQL account, with sysadmin privileges, can be used for the installation of both Snow Inventory Server and Snow License Manager.
User rights for management of Snow Inventory Server
The SnowInventoryUser account is used for the database connection by the Snow Inventory Server Application and for administration of the server through Snow Inventory Admin Console. The account must have db_owner privileges on the SnowInventory database.
The account is configured through running the executables in the installation folder (x:\Program Files\Snow Software\Snow Inventory\Server):
Snowserverconfig.exe (change connection to see account in use)
Snowserveradmin.exe (edit the connection to see account in use)
User rights for management of Snow License Manager
The LicenseManagerUser account is used for accessing the Snow databases after the installation and for running the daily Data Update Job in SQL.
The LicenseManagerUser account must have the public Server Role. If the permission View any database is removed from the public Server Role default configuration, the permission must be explicitly granted to the LicenseManagerUser account, in order for the Data Update Job to work correctly.
The LicenseManagerUser account must have db_owner privileges on the SnowLicenseManager database and on the SnowInventory database.
The LicenseManagerUser account must also have the following roles on the msdb database:
SQLAgentOperatorRole
SQLAgentReaderRole
SQLAgentUserRole
In order to preserve the Data Update Job schedule and notification settings in Snow License Manager 9, the LicenseManagerUser account must be granted select permissions on the tables sysjobschedules
, sysschedules
, and sysoperators
in the msdb database.
SQL account roles
Application | Account | Database | Role membership |
---|---|---|---|
Snow License Manager | LicenseManagerUser | SnowLicenseManager | Database Owner |
Snow License Manager | LicenseManagerUser | SnowInventory | Database Owner |
Snow License Manager | LicenseManagerUser | MSDB | SQLAgentOperatorRole (to be able to start the Data Update Job) SQLAgentReaderRole SQLAgentUserRole |
Snow Inventory | SnowInventoryUser | SnowInventory | Database Owner |