User Permissions for Connecting to a Microsoft SQL Database Server

To connect to a Microsoft SQL database server, the installing database user must have sufficient permissions to perform certain administrative tasks in SQL.

If you have the SQL sa login, you can use it to install OpenText Application Quality Management. If you are unable to use the SQL sa login due to security reasons, we recommend that your database administrator create an OpenText Application Quality Management database administrative login, for example td_db_admin, with the specific privileges required to install.

The td_db_admin login must have the Database Creators role. You must also grant the td_db_admin login the Security Administrators role. This allows the td_db_admin login to create and add the td user with only those privileges required for running OpenText Application Quality Management, and to run the Maintain Project activities, such as Verify, Repair, and Update.

Note: If you are unable to grant the Database Creators and Security Administrators roles, you can grant specific privileges for the database administrative login. For details, see Creating DB administrative user required for ALM installation.

To create a database administrative login on a Microsoft SQL Server:

  1. Open the SQL Server Management Studio.

  2. In the Object Explorer pane, under the database server, expand the Security folder.

  3. Right-click the Logins folder, and select New Login.

  4. Type td_db_admin as the login name, and select the authentication type (enter password if necessary).

  5. Click the Server Roles tab, and select the dbcreator and securityadmin options.

  6. Click OK.

To test the database administrative login after connecting via this login (SQL Server Authentication):

  1. Verify the select sysdatabases table permission in the master database:

    SELECT name FROM sysdatabases where name=<db_name>

  2. Verify the create database permission:

    CREATE DATABASE <dbName> -- the database name must not already exist

  3. Verify the drop database permission:

    DROP DATABASE <database_name> -- the database name must exist

  4. Verify the select syslogins permission:

    SELECT COUNT(*) FROM master..syslogins WHERE name=<dbOwnerName>

    Note: The dbOwnerName must be set to td.

To test the database administrative login permissions after connecting via this login (Windows Authentication):

  1. Verify the change database context permission:

    USE <dbName>

  2. Verify the create database permission:

    CREATE DATABASE <dbName> -- the database name must not already exist

  3. Verify the select on syslogins permission:

    SELECT COUNT(*) FROM master..syslogins WHERE name='<dbOwnerName>'

  4. Verify the select on sysusers permission:

    SELECT COUNT(*) FROM master..sysusers WHERE name='<dbOwnerName>'