web
You’re offline. This is a read only version of the page.
close
Skip to main content

Notifications

Announcements

No record found.

News and Announcements icon
Community site session details

Community site session details

Session Id :
Dynamics 365 Community / Forums / Microsoft Dynamics CRM (Archived) / Avoiding SysAdmin perm...
Microsoft Dynamics CRM (Archived)

Avoiding SysAdmin permission in SQL Server for CRM Service User

(0) ShareShare
ReportReport
Posted on by Community Member

Our CRM is hosted by an external hoster and it is impossible to get permanent sysadmin rights for a service account. CRM Deployment Guide explaines that sysadmin is the minimum permission. Does anyone have the same problem ? I it possible to reduce permission in SQL Server for CRM ? I would like to read your best practices.

TIA

*This post is locked for comments

I have the same question (0)
  • ashlega Profile Picture
    ashlega 34,477 on at

    Hi,

     I don't think your service account has to be a sysadmin account - it's mostly required to use the deployment manager (since, when using the deployment manager, you may have to create new databases etc). Other than that, it seems dbo on the organization/config database should be good enough.. but then again, if they are hosting the CRM for you, what are they suggesting?

  • Community Member Profile Picture
    Community Member on at

    Thank Alex for your reply. I got no usefull suggestion from the hoster, only to avoid sysadmin. I will start with db_owner on crm/config databases and Server role db_creator and then see what happen during the next update. Did you have trouble during crm update with your security configurations ?

  • Verified answer
    ashlega Profile Picture
    ashlega 34,477 on at

    :)) I'm lucky enough to have those permissions (or, at least, I can get them when I need to here).

    But this may help - I think it's aligned with what I wrote above:

    serverfault.com/.../minimal-required-user-permissions-for-running-ms-crm

    For the updates, I don't think you need sysadmin either, since those updates will rarely do anything on the SQL server that goes beyond DBO permissions on the config/org databases

Under review

Thank you for your reply! To ensure a great experience for everyone, your content is awaiting approval by our Community Managers. Please check back later.

Helpful resources

Quick Links

Responsible AI policies

As AI tools become more common, we’re introducing a Responsible AI Use…

Neeraj Kumar – Community Spotlight

We are honored to recognize Neeraj Kumar as our Community Spotlight honoree for…

Congratulations to the November Top 10 Community Leaders!

These are the community rock stars!

Leaderboard > 🔒一 Microsoft Dynamics CRM (Archived)

#1
SA-08121319-0 Profile Picture

SA-08121319-0 4

#1
Calum MacFarlane Profile Picture

Calum MacFarlane 4

#3
Alex Fun Wei Jie Profile Picture

Alex Fun Wei Jie 2

Last 30 days Overall leaderboard

Featured topics

Product updates

Dynamics 365 release plans