Discover database security
Follow these guidelines when setting up database security for Discover.
- You can set the default database for the Discover logins
DCADMIN
andTLUSER
to any valid value. - No stored procedures in any Discover databases
should have access that is granted to public. All access should all
be limited explicitly to
DCADMIN
andTLUSER
. Revoking permissions from public does not cause an issue. - Many system stored procedures in
DC_SYSTEM
database have run privileges that are granted to public. Revoking these permissions should not cause problems. However, since revoking these permissions requires changes to the MS SQL Server system procedures, Discover cannot guarantee that the changes does not result in system issues. The Discover SQL Server logins are explicitly granted the permissions that they need to access any system-stored procedures.