Minimum required privileges to query an SQL Server database
CCS requires certain minimum rights to query against the data sources.
These minimum rights are required by the credentials specified in the Credentials Database.
For data collection on SQL Server 2008, if your organization has specific roles for a SQL Database Administrator, Symantec recommends that the DBA enters the SQL DB Admin privileges wherever required.
The SQL DB Admin privileges may be mandated by the SQL Server application. The CCS Administrator does not require to have a SQL DB Admin role.
The following minimum user rights are required to query the SQL Server:
The user credentials supplied (Windows user or SQL Server user) for connecting to the SQL Server should be a user for the SQL Server. Otherwise, the credential verification in SQL data collector fails.
The user credentials supplied for connecting to the SQL Server (Windows user or SQL Server user) must have read rights on the master database. This master database must be of the SQL Server being queried. Otherwise, the credential verification in SQL data collector fails.
To query on a particular database on SQL Server, read rights are required on that database.
You must have VIEW DEFINITION privileges on the Microsoft SQL Server being queried.
To achieve this privilege, the following SQL statement must be executed, against the master database, for the user, whose credentials are mentioned in the Credential Database:
GRANT VIEW ANY DEFINITION TO [Server Login]
GRANT VIEW ANY DEFINITION TO [TestDomain\TestUser]