Minimum requirements for SQL Server logins

Note: This topic applies only to system administrators in on-premises installations. Administrators for Multi-Tenant Cloud (MTC) customers do not have access to SQL Servers.

A SQL user login is required when setting up configurations that point to the various Mongoose system databases. This SQL account requires certain permission levels to these databases. The SQL 'sa' user account has all the required permissions and is often used to set up configurations.

However, the 'sa' login also has a much greater scope of permissions than is required and many organizations prefer to make very minimal use of the 'sa' account. In such cases where organizations do not want to use the 'sa' login credentials, it is possible to set up a special set of SQL user logins that have the minimum required permissions to get the job done.

Note: The 'sa' user login must be set in the Configuration Manager. For this reason, it must be created by Infor Cloud Operations personnel. MTC customer administrators, however, can reset the 'sa' user password on the Users form.

SQL Server logins come into play at two basic times: When you create the databases required for Mongoose-based application configurations; and when creating and using the actual configurations. Each of these situations requires somewhat different levels of permission on SQL Server.

These are the SQL Server login requirements:

Creation of a custom role, mg_executor
Connections to the application, forms, and templates databases require db_datareader, db_datawriter, and mg_executor permissions
Any operation where views to the objects database are regenerated also require db_datareader, db_datawriter, and mg_executor permissions
Operations in the application database, in which the schema is to be altered, require those same permissions, plus db_ddladmin permissions