NOTE: Applies to geodatabases created with an ArcGIS Server Enterprise license only
NOTE: CONNECT on database is granted to PUBLIC by default. If you revoke this privilege from PUBLIC, you will need to explicitly grant CONNECT on databases to specific roles and/or users.
Type of user |
Database permissions |
Dataset permissions |
Notes |
Data viewer |
|
SELECT |
- If allowed to read all tables in the database, you can assign users to the db_datareader database role.
- CREATE TABLE permission is needed if using shared log files.
|
Data editor |
|
- SELECT, INSERT, UPDATE, and DELETE on other users' data objects (if they will be editing other users' data objects)
- EXECUTE on the stored procedures associated with the data to be edited
|
CREATE TABLE permission is needed if using shared log files. |
Data creator |
- CREATE TABLE
- CREATE PROCEDURE
- CREATE VIEW
|
|
- Before a user can create an XML column with SQL Server 2005 or 2008, the user must be granted the REFERENCES permission on the full-text catalog in which the text of the XML documents will be indexed.
- User names for any user accounts that own data must have the same name as their default schema. For example, for the user name simon, the default schema name must be simon. If it isn't, the user cannot create geodatabase objects such as feature classes.
- CREATE VIEW privilege is only needed if the user will be creating database views, spatial views, or multiversioned views.
|
ArcSDE administrator |
- CREATE TABLE
- CREATE PROCEDURE
- CREATE FUNCTION
- CREATE VIEW
|
|
- For ArcSDE administrators, the CREATE VIEW function is required to create the DBTUNE, ST_GEOMETRY_COLUMNS, and ST_SPATIAL_REFERENCES_Systems views.
- If you use a dbo-schema geodatabase, the database owner (dbo) is in the sysadmin fixed server role and already has these privileges.
|
Type of user |
SDE database permissions |
Dataset permissions in SDE database |
Permissions in other databases |
Dataset permissions in other databases |
Data viewer |
|
SELECT |
|
SELECT |
Data editor |
|
SELECT, INSERT, UPDATE, and DELETE permission on datasets to edit and EXECUTE permission on related stored procedures |
|
SELECT, INSERT, UPDATE, and DELETE permission on datasets to edit and EXECUTE permission on related stored procedures |
Data creator |
CREATE TABLE and CREATE PROCEDURE if creating datasets in the repository database (not recommended) |
|
CREATE TABLE and CREATE PROCEDURE |
|
ArcSDE administrator |
CREATE TABLE, CREATE VIEW, CREATE PROCEDURE, and CREATE FUNCTION |
|
Add as user to the other databases, but no specific required permissions |
|