Microsoft Knowledge Base Article
This article contents is Microsoft Copyrighted material.
©2005-©2007 Microsoft Corporation. All rights reserved.
Terms
of Use |
Trademarks
Article ID: 827854 - Last Review: January 9, 2006 - Revision: 1.5
A user account retains database role assignments after you remove the user account from the "Accounts with Access to the Search Services" box on the Manage Shared Services page in SharePoint Portal Server 2003
In your server farm deployment of Microsoft Office
SharePoint Portal Server 2003 that is configured to use shared services, you
may find that when you remove a user account from the
Accounts with
access to the Search Services box in the
Direct Access to
Search Service area of the Manage Shared Services page, that user
account retains the following Microsoft SQL Server 2000 database role
assignments:
- The public role and the db_owner role on the profile
database (SiteName_PROF) and the component settings
database (SiteName_SERV) of the parent portal
site.
- The public role on the configuration database of the parent
portal site.
When you add the name of one or more user accounts to the
Accounts with access to the Search Services box in the
Direct Access to Search Service area of the Manage Shared
Services page, the user account or user accounts that you specified are
assigned the following rights and database roles:
- Query rights to the index management servers and search
servers on your server farm.
- The public role and the db_owner role on the profile
database (SiteName_PROF) and the component settings
database (SiteName_SERV) of the parent portal
site.
- The public role on the configuration database of the parent
portal site.
With these rights, the user account on the child server farm
can access search and indexing resources on the parent server farm. When you
remove a user account from the list of user accounts in the
Accounts
with access to the Search Services box, query rights to the index
management servers and the search servers on your server farm are removed from
the user account. However, SQL Server database role assignments are
retained.
To work around this behavior, use SQL Server Enterprise
Manager to manually remove access to the profile database
(
SiteName_PROF), the component settings database
(
SiteName_SERV), and the configuration database of
the parent portal site for the user account that you removed from the
Accounts with access to the Search Services box of the Manage
Shared Services page. To do so, follow these steps:
- On the server that is running SQL Server, start SQL Server
Enterprise Manager.
- Expand Microsoft SQL Servers, expand
SQL Server Group, expand (local) (Windows
NT), and then expand Security.
- Click Logins.
- In the right pane, right-click the name of the user
account, and then click Properties.
- Click the Database Access tab.
- Remove access to the profile database
(SiteName_PROF), the component settings database
(SiteName_SERV), and the configuration database of
the portal site that provides shared services. To do so, follow these steps for
each database:
- Under Specify which databases can be accessed
by this login, click the name of the database that you want to remove
access for.
- Click to clear the Permit check box
next to the name of the database, and then click
OK.
- In the right pane, right-click the name of the user
account, and then click Delete.
- Click Yes when you are prompted to confirm
that you want to remove the login.
- Quit SQL Server Enterprise Manager.
For more information about how to configure shared services
in a server farm deployment of SharePoint Portal Server, see the "Shared
Services Deployments" topic in the "Deployment Scenarios" section of the
Microsoft Office SharePoint Portal Server 2003 Administration Guide. The
Microsoft Office SharePoint Portal Server 2003 Administration Guide (Administrator's Help.chm) is located in the Docs folder in the
root of the SharePoint Portal Server 2003 CD.
For more information
about SharePoint Portal Server, visit the following Microsoft Web site:
APPLIES TO
- Microsoft Office SharePoint Portal Server 2003
| kbpermissions kbdatabase kbpending kbbug KB827854 |
Community Feedback System
Very often, it takes hours to solve a problem. Very often, you've looked high
and low, and have tried a lot of solutions. When you finally found it, chances
are, it was because someone else helped you. Here's your chance to give back.
Use our community feedback tool to let others know what worked for you and what
didn't.
Please also understand that the community feedback system is not warranted to be
correct, it's simply a system that we've built to let people try and help each
other. If something in a feedback response doesn't make sense to you, or you're
not comfortable making changes that the feedback talks about (like registry
edits), please consult a professional.
Thank you for using kbAlertz.com Feedback System.
-- Scott Cate