Database User Account Privileges

The database user account used by EFT must have certain privileges within the database for the application to function correctly. Additionally, a different set of privileges are needed for Installation, Upgrade, and Runtime, as described below.

Installation—When creating a new database, the EFT installer is capable of creating the database user account for you. Alternatively, you may create the database user account ahead of time. Either way, the EFT database user account must have certain privileges during the creation process. Once the creation process is complete, the privileges may be reduced to those necessary for runtime operation. (Refer to Runtime below.)

The following privileges, or their equivalents, are required during the creation process:

  • SQL Server—The database user account must have the "db_owner" database role membership.

  • Oracle—The database user account must have the following privileges:

    • CREATE SESSION

    • CREATE TABLE

    • CREATE TRIGGER

    • CREATE SEQUENCE

    • CREATE PROCEDURE

    • CREATE VIEW

Upgrade—When upgrading the ARM database, either through the EFT Installer or the Database Utility (DBUtility.exe), you should use the EFT database user account to connect to the database to perform the upgrade. The upgrade process may temporarily require that additional privileges be temporarily given to the EFT database user account. The actual set of privileges depends on the version of the database schema being upgraded. Before upgrading the database, the EFT Installer will perform an analysis of the database. Additionally, the "UpgradePreview" action may be used with the Database Utility to perform the analysis. Part of this analysis will verify that the database user account possesses the necessary privileges to perform the upgrade. The analysis results will display any privileges that the account is lacking. You will need to grant the appropriate privileges to the account temporarily before proceeding with the upgrade. These privileges may be revoked once the upgrade process is complete. Refer to the Runtime section below for the privileges required during subsequent operation of EFT. To minimize the chance of encountering missing privileges, you should grant the privileges described in Installation, above, before performing the upgrade preview analysis.

Runtime—During normal operations, the EFT only manipulates the data within the database while auditing, and so requires less powerful privileges. EFT does not modify the database schema during normal operation. If you want to lock down the EFT database user accounts during normal operation, ensure that the following minimal privileges, or their equivalents, are granted to the account:

  • SQL Server—When operating against SQL Server, the EFT database user account only needs to be able to read data, write data, and execute stored procedures. The following permissions are required during normal operation:

    • CONNECT

    • DELETE

    • EXECUTE

    • INSERT

    • SELECT

    • UPDATE

  • Oracle—During normal operation, the EFT database operates only within its own schema. Additionally, it has no need to create objects during runtime. Only the following privilege is required during normal operations:

    • CREATE SESSION