By default, OnBase creates specific workstation accounts to communicate with the database. In order to accomplish this account creation, OnBase uses a system account with the securityadmin server role.
It is recommended that specific workstation accounts are not created in the database by OnBase, removing the need for the system account to be granted the securityadmin server role. To disable workstation account creation, select Disable workstation account creation in the Global Client Settings(accessible from the OnBase Configuration module).
With the Disable workstation account creation option enabled, the following privileges can be removed from the HSI database account when used with the corresponding database platform.
Database Platform |
Privilege |
---|---|
Microsoft SQL Server |
The Security Admin role is not required. |
Oracle |
The create user and alter user permissions are not required. Note:
These permissions are still required during the initial database creation, and can only be removed after the Disable workstation account creation option is enabled. |