Geodatabase users and permissions

After the geodatabase is created and connections can be made to it, you must create users.

You can add database users and Windows-authenticated logins to a Microsoft SQL Server instance and any of the databases on the instance. After users have been added, you grant them specific permissions to access the database and its contents.

Windows-authenticated logins are the default and, therefore, the recommended type of user for SQL Server databases. By default, when your SQL Server instance is created, this is the only type of login allowed.

To use database users, you must set the database to use mixed-mode authentication. See the SQL Server Books Online for information on setting up the SQL Server instance to use mixed-mode authentication.

When you add users, you also assign them a default schema in the database. If the user is going to own data in the geodatabase, the default schema must have the same name as the user name. If it does not, the user cannot create datasets, copy datasets into the geodatabase, or use geoprocessing tools that result in new datasets.

Once users have been added and their schemas created, you can grant permissions to them. Permissions can be granted to individual users, or users can be added to roles and permissions can be assigned to the roles. Roles are groups within the database that allow you to administer users as a group. SQL Server contains fixed server and database roles that you can use. These roles have a predefined set of permissions in the SQL Server instance and databases. Alternatively, you can create your own roles and set permissions on them.

For more information, see the following topics in the "Adding and administering users in SQL Server" book of the ArcGIS Server or ArcGIS Desktop Help:


Copyright © 1995-2011 Esri. All rights reserved.
1/26/2011