SQL Logins created for Track-It! 2018/2019

Version 1
    Share This:

    This document contains official content from the BMC Software Knowledge Base. It is automatically updated when the knowledge article is modified.


    PRODUCT:

    Track-It!


    COMPONENT:

    Track-It! 2019.01


    APPLIES TO:

    Track-It! 2018/2019



    QUESTION:

    What are all the SQL Logins that are created for Track-It! 2018/2019?


    ANSWER:

     

    The Track-It! 2019 installation creates several SQL accounts during and after installation. This article explains the SQL accounts that are used and created as well as their access levels and how this structure provides tight security over your data.

      

    We create SQL accounts as follows:

      
       
    1. _SMSYSADMIN_ : This login is used for administrative purposes such as creating technicians in the database. It is granted the db_owner role on the Track-It! database.
    2.  
    3. _SMDBA_: Used for administrative purposes. The schema associated with this login is used to create tables/views that only technicians with “system admin” permissions can access.
    4.  
    5. SYSTEMACCOUNT: This login has the SMSYSDBA role, and is used for administrative purposes.
    6.  
    7. SELFSERVICE: This account is used when a requestor logs into self-service portal.
    8.  
    9. ADMINISTRATOR (*): Default technician account.
    10.  
    11. SYSTEM ADMINISTRATION (*): Default group.
    12.  
    13. HELP DESK (*): Default group
    14.  
    15. bcmdbuser: This login is created only when BCM is also installed. This login is granted the db_owner, db_datareader and db_datawriter roles on the BCM database.
    (*): A new login is created when new technician/group is created.  

     

      

     
    It is important to note:

      
       
    1. Track-It! does NOT create any SQL accounts with admin access to the whole SQL server.  This ensures neither users nor the application can access anything on the SQL server outside of the Track-It! database.

    2.  
    3. The SQL accounts created for individual technicians do NOT have admin rights on the server or the Track-It! database.  

    4.  
    5. This design allows tight database level logging and control over each Technician login and its access permissions to the application, the various Track-It! modules and Track-It! data.

    6.  
    7. This security design is based on a model that has been well tested and secure in other BMC products that use a similar architecture

     


    Article Number:

    000166566


    Article Type:

    FAQ/Procedural



      Looking for additional information?    Search BMC Support  or  Browse Knowledge Articles