Question:
How do I grant database permissions for an eNICQ user or Active Directory group?
Answer:
Please see the notes at the end of this article before starting this process. These are also the same steps to give someone the db_owner role to allow upgrades to the database.
- Open SQL Server® Management Studio.
- Locate the Security folder at the server level in the object explorer.
- Expand the Security Under the Security folder you will see the Logins folder.
- Right-click on the Logins folder and choose New Login…
If the users have already been given permissions to another database on this server they will show in Logins already. Just right click on them and select Properties and skip to step 19. - At the bottom of the Login – New dialogue, set the Default database to eNICQ6db unless you named it something other than the default name. In that case select the actual name of the database.
- Select the Windows authentication radio button.
- Click the Search button.
- Click the Object Types button on the Select User or Group.
- Uncheck Built-in security principals and Other objects.
- Check Groups and/or Users, whichever you are using. For multiple users, managing through group membership is recommended.
- Click OK to continue.
- On the Select User, Service Account or Group dialog Click Locations…
- Select the location for the Windows account or group and click OK.
- Enter the user or group in the space provided and click Check Names.
- If you are unable to identify the correct user or group, click Advanced… on the Select User, Service Account or Group dialog for more search options. Otherwise, continue to step 19.
- Use the advanced features to find your user or group.
- Please contact your System Administration team for assistance if you have difficulty with any of the following:
- Locating the correct user or group
- Creating a user or group
- Adding or removing users to or from a group - On the Login - New screen, or the Login Properties screen if you are editing an existing user, click the User Mapping page.
- Check the eNICQ6db database in the upper panel if you kept the default name. If changed the name to something other than the default look for that in the upper panel and select it.
- Check the roles EnicqDBUser and public in the lower panel. You could also select the db_owner role here if you wanted to give someone the ALTER and CREATE permissions allowing them to perform database upgrades.
- Click OK to complete Login creation.
- Test the end-user’s database authentication capability from the client machine by having the end user launch the application once it has been installed.
- Set up SQL backups and secure your data according to your organization’s policies.
NOTES:
- The eNICQ 6 application performs database transactions using the following isolation levels: RepeatableRead, ReadUncommitted, Snapshot, ReadCommitted. The SQL Server® database must allow usage of each of these isolation levels.
- To perform the following actions, you will need to have SQL Server® Management Studio (SSMS) installed and connected with the instance of SQL Server® where the eNICQ 6 Database resides. If you do not already have a copy you can download the installer for SQL Server® Management Studio Express from Microsoft’s website, https://www.microsoft.com/en-us/download/details.aspx?id=43351.
- The following instructions should be carried out in SQL Server® Management Studio by a database administrator or IT professional with equivalent skills and permissions. These instructions focus on using Windows Authentication to manage database access. Additional options and tips are available in our documentation on troubleshooting database connectivity in eNICQ 6.