SyncFX only works for Users with DbOwner Permissions

All replies

• 

  

  0

  Sign in to vote

  not sure which provider you're using but here's a some security considerations for database access in Sync FX:

   
  EXECUTE permissions on all the stored procedures that Sync Framework uses to read and write to metadata tables and base tables.

  SELECT, INSERT, UPDATE, and DELETE permissions for metadata tables and any base tables that will be updated during a synchronization session.

  When you provision SQL Server databases that use SqlSyncProvider, be aware of the following permissions requirements for provisioning:

  CREATE TABLE permissions to enable creation of the metadata tables: scope_info and scope_config, and the tracking tables that are created for each base table.

  ALTER TABLE to add triggers to the base tables.

  CREATE PROCEDURE permissions to create the procedures that Sync Framework requires.

  SELECT and INSERT permissions for scope_info and scope_config tables.

  SELECT permissions for base tables.

   

  • Proposed as answer by Deepa ChoundappanEditor Tuesday, August 10, 2010 5:29 PM

  Saturday, August 7, 2010 9:29 PM
• 

  

  0

  Sign in to vote

  Hi Deepa,

  after trying your suggestions we were still getting errors enumerating on the [synctable].  We could not find the scope_info or scope_config tables you mentioned.

  So we ran trace analyser and received the following:

  The VIEW CHANGE TRACKING permission was denied on the object 'Shires', database 'DEC', schema 'dbo'.

  So we then added a new Db role called 'SyncUser' and granted the permission 'View Change Tracking' to the 5 tables we were trying to sync. Our user login was set to use role Data Reader, Data Writer AND our new SyncUser Role. This then resolved the issue.

  It would be good if online documentation made mention of these permissions as it is clear just granting Execute permission does seem to work.

   

  Wednesday, August 11, 2010 12:11 AM