Please ensure Javascript is enabled for purposes of website accessibility
Powered by Zoomin Software. For more details please contactZoomin

AVEVA™ System Platform

TABLE OF CONTENTS

SQL Server rights requirements

Save PDF
Save selected topicSave selected topic and subtopicsSave all topics
Share
Share to emailCopy topic URL
  • Last UpdatedSep 17, 2024
  • 2 minute read

When you install a Galaxy Repository or Historian node, the installation process creates or modifies new user groups, SQL Server logins, and a user account (Network Account). These provide support for Galaxy communications, system security, and connection to SQL Server. The new/modified SQL Server logins used by System Platform are:

  • <NodeName>\aaAdministrators

  • <NodeName>\aaGalaxyOwner

  • NT AUTHORITY\SYSTEM

The Network Account, created when you installed Application Server, is required for Galaxy operations. This account:

  • Is a member of the System Platform aaAdministrators group.

  • Has one of the following SQL Server roles:

    • Has the SQL Server bulkadmin role, if Enhanced Security Mode is enabled (default).

    • Has the SQL Server sysadmin role, if Legacy Security Mode is enabled.

See Network account and Set the SQL Server security mode for additional information.

The automated process that creates the aaAdministrators group, Network Account, and aaGalaxyOwner user account also provides the rights required for operations within the GR. The aaAdministrators group, Network Account, and aaGalaxyOwner user account must all be present and enabled for Galaxy operations.

Caution: aaGalaxyOwner and ASBService are reserved OS user names. aaAdministrators and ASBSolution are reserved OS group names. Do not create users or groups with these names.

Note: The aaGalaxyOwner account is the owner (dbo) of all Galaxy databases in your system. It does not have a system login.

  • If you accidentally delete the aaAdministrators group or the Network Account from the Windows operating system, you can run either the Change Network Account utility or the SQL Access Configurator to restore it. You can access these utilities from the Start Menu, under the AVEVA folder.

  • If you accidentally delete the aaGalaxyOwner account from the Windows operating system, you must run the SQL Access Configurator to restore it.

  • If you accidentally delete the aaAdministrators group, Network Account, or aaGalaxyOwner from the SQL Server security logons, you must run the SQL Access Configurator to restore it.

TitleResults for “How to create a CRG?”Also Available in