Netwrix Directory Manager - Configuration Tool & Database Account Setup Guide

Products Directory Manager Show & Tell
, ,
1

Netwrix Directory Manager v11.1.5 - Configuration Tool & Database Account Setup Guide

Required Accounts:

Account Usage Required Roles Additional Permissions
Configuration Tool Account (Account A / dbowner) Used during database setup. Creates schema, tables, and stored procedures. Grants EXEC permissions to Account B. db_owner None
Services Account (Account B / dbrw) Used by services/components at runtime for database operations. db_datareader, db_datawriter EXEC on relevant schemas (granted by Account A)

Updated Configuration Tool Screen

Step-by-Step Setup Instructions

1. Create or Update the Target Database

  1. Open SQL Server Management Studio (SSMS).

  2. Connect to the appropriate SQL Server instance.

  3. Check if the target database already exists:

  • If it exists:
    • Take a full backup of the database before making any changes.
  • If it does not exist:
    • In Object Explorer, right-click Databases → New Database…
    • Provide a name for the new database (e.g., TargetDatabase).
    • Configure additional settings as required.
    • Click OK to create the database.

2. Create the Configuration Tool User (dbowner)

  1. In Object Explorer, expand Security > Logins.
  2. Right-click Logins → New Login…
  3. Enter a login name (e.g., dbowner).
  4. Choose an authentication method
  5. Set a secure password.
  6. In User Mapping, select the target database and assign db_owner role.
  7. Click OK to create the user.

3. Create the Services User (dbrw)

  1. In Object Explorer, right-click Logins → New Login…
  2. Enter a login name (e.g., dbrw).
  3. Choose an authentication method and set a secure password.
  4. In User Mapping, select the target database and assign roles:
  • db_datareader
  • db_datawriter
  1. Click OK to create the user.

4. Configure Accounts in the Configuration Tool

Account Purpose
dbowner (Account A) Used during initial configuration or deployment. Creates schema, tables, and stored procedures.
dbrw (Account B) Used by services at runtime for read/write operations and stored procedure execution.

Usage Guidelines:

  • Use dbowner only during setup or deployment.
  • Use dbrw for all runtime connections from applications/services.

Appendix: Role Descriptions

Role Name Description
db_owner Full control over the database. Can create objects, manage security, etc.
db_datareader Read-only access to all tables and views in the database.
db_datawriter Write access to all tables and views in the database.
1 Like