Securing the Microsoft SQL Database Adapter

There are two types of users associated with the Microsoft SQL database adapter, Runtime Users and Schedulers. You maintain definitions for both types of users from the Users pane.

  • Runtime Users

    Runtime users in the context of Microsoft SQL jobs represent those users and passwords required to connect to the SQL Server database to run queries and jobs. Runtime users are also for connecting to SQL Servers to monitor database events.

  • Schedulers

    Schedulers are those users who will define and/or manage Microsoft SQL jobs and events. There are three aspects of a user profile that grant and/or limit access to scheduling jobs that invoke Microsoft SQL:

    Security policy that grants or denies add, edit, delete and view capabilities for Microsoft SQL jobs and events.

    Authorized runtime user list that grants or denies access to specific database user accounts for use with database connections to monitor for events and with database jobs.

    Authorized agent list that grants or denies access to specific Microsoft SQL adapter connections for use when defining Microsoft SQL jobs and events.

Defining Runtime Users (Database Users)

To define a database runtime user to run SQL jobs and monitor events:

  1. Click Administration > Runtime Users in the Navigation pane to display the Users pane.

  2. Right-click and choose Add Runtime User from the context menu, or click an existing user and click Edit to display the User Definition dialog.

    If this is a new user definition, enter the new user name in the User Name field.

    Note: If the DB Server is Azure SQL database, append the server name to the user name in the format <username > @<servername>. For example, if the SQL database server name is Tidal Automation server.database.windows.net and the user name is testuser, enter the User Name as testuser@TA server.

  3. Enter the Full Name or description associated with this user.

  4. Click the Domain field, and then click a Windows domain associated with the user account required for authentication, if necessary.

  5. Click Add on the Passwords tab to display the Change Password dialog.

  6. Click MSSql in the Password Type list.

  7. Enter a password (along with confirmation) in the Password and Confirm Password fields.

    Only those users with a password specified for Microsoft SQL will be available for use with Microsoft SQL jobs and events. The password may be the same as the one specified for Windows/FTP jobs.

    Note: If you have updated the passwords and are experiencing issues with running jobs or events, we recommend disabling and re-enabling the connection to ensure everything works properly.

  8. Click OK on the Change Password dialog. The User Definition dialog displays the new record.

  9. Click OK to add or save the user recorded in the TA database.

Authorizing Schedulers to Work with Microsoft SQL Jobs and Events

To define a TA user to work with Microsoft SQL jobs and events:

  1. Click Administration > Interactive Users in the Navigation pane to display the Users pane, listing all defined users.

  2. Right-click and click Add Interactive User from the context menu, or click an existing user and choose Edit Interactive User to display the User Definition dialog.

    Note: For a general discussion about setting up a user to with work with TA, see Tidal Automation User Guide.

  3. Click a security policy that includes authorization for Microsoft SQL jobs and events.

  4. Click the Runtime Users tab.

  5. Click the database users that this scheduling user may use when defining Microsoft SQL jobs and connections for database event monitoring.

  6. Click the Agents tab.

  7. Click which Microsoft SQL connections that this scheduling user can access when scheduling jobs or events.

  8. Click OK to save the user definition.