Scripts to Secure Your Databases

Article
11/12/2009

When you configure your site to use Windows Authentication, you must create accounts for run-time users and Business Desk users, and then assign these accounts to the appropriate database roles.

Commerce Server includes scripts that create database roles for you, and assigns the appropriate database permissions for Business Desk users and run-time users. These scripts are located in the Program Files\Microsoft Commerce Server\Support folder.

These scripts create two roles:

**<database>ReaderRole. Assign runtime users who visit your site to this role.
**<database>WriterRole. Assign Business Desk users who update your site to this role.

After you run these scripts and create the appropriate roles, you assign the Business Desk group account and the run-time anonymous account (a domain account) to these roles. For instructions, see Assigning SQL Server Database Roles.

The following table lists the Commerce Server security scripts and the databases you run them against.

Script	Run against this database
BDReaderRole and BDWriterRole	Business Desk Permissions
CampaignReaderRole and CampaignWriterRole	Campaigns
CatalogSecurityRoles	Catalogs
ProfileReaderRole and ProfileWriterRole	Profiles
TransactionReaderRole and TransactionWriterRole	Transactions
TransactionConfigReaderRole and TransactionConfigWriterRole	TransactionConfig

The Commerce Server run-time database tables can reside in one database, or each resource can have run-time tables in its own database.

These scripts are designed to work with SQL server for data stored in the Commerce Server runtime databases and the Administration database. They are not designed for use with Microsoft Active Directory or an Oracle database.

Share via

Scripts to Secure Your Databases

See Also

Additional resources