Security configuration options

Show deny permissions for roles

Specifies whether, when you select the permissions that you want to associate with a Discovery Accelerator role, you can also choose to deny certain permissions to users who occupy the role. By denying the permissions, you stop users from acquiring them when they are assigned to other roles that do allow the permissions. The option to deny permissions as well as allow them is enabled by default.

Use SQL Server 2005 SystemAdmin Server Role for Schedules

When selected, makes the SystemAdmin logon the creator and owner of Discovery Accelerator search schedules.

If you want to lock down your SQL Server instance, uncheck this setting and then do the following in the order listed:

  • Add the Vault Service account to the msdb database.

  • Give the Vault Service account Select permissions on the following msdb tables: sysjobs, sysjobschedules, sysjobsteps, and sysschedules.

  • Give the Vault Service account Execute permissions on the msdb stored procedure sp_add_category.

  • Assign the database role SQLAgentUserRole to the Vault Service account.

More Information

Setting Discovery Accelerator system configuration options

About the facility to allow or deny permissions

Editing the properties of Discovery Accelerator roles