The High Security model, designed to address general information security concerns and support new authentication methods for usage-oriented OnBase database access, was introduced in OnBase 18.
When upgrading from a version of OnBase prior to 18, all clients and Application Servers must be upgraded to OnBase 18 or higher before migrating to the High Security model. For more information on security considerations when upgrading, see General Security Considerations.
When using the High Security model, the hsi database user login must exist and must be the owner of all OnBase database objects. The hsi database user is the schema owner and is considered the master user for the OnBase database. This account is used to create new tables, create new indexes, and grant permissions.
OnBase Core applications, including the Web Client and the Unity Client, use either the hsi account or an account created by the Database Administrator specifically for Core connectivity to the database.
The hsicore and hsinet accounts may exist in your environment, but are no longer used for Core connectivity.
The viewer user account has SELECT permissions on all OnBase tables and should be used for Report Services, for creating and testing ODBC sources, and for external reporting by third-party applications.
Additionally, you can define and use a custom administration user for the initial creation of the OnBase database objects and other administrative tasks outside of normal application usage.
-
For more information on the privileges required by an administration user in a SQL Server environment, see Database Creation and Maintenance Users.
-
For more information on the privileges required by an administration user in an Oracle environment, see Database Creation and Maintenance Users.