Scripts to Secure Your Databases

When you configure your site to use Windows Authentication, you must create accounts for run-time users and Business Desk users, and then assign these accounts to the appropriate database roles.

Commerce Server includes scripts that create database roles for you, and assigns the appropriate database permissions for Business Desk users and run-time users. These scripts are located in the Program Files\Microsoft Commerce Server\Support folder.

These scripts create two roles:

  • **<database>ReaderRole. Assign runtime users who visit your site to this role.
  • **<database>WriterRole. Assign Business Desk users who update your site to this role.

After you run these scripts and create the appropriate roles, you assign the Business Desk group account and the run-time anonymous account (a domain account) to these roles. For instructions, see Assigning SQL Server Database Roles.

The following table lists the Commerce Server security scripts and the databases you run them against.

Script Run against this database
BDReaderRole and BDWriterRole Business Desk Permissions
CampaignReaderRole and CampaignWriterRole Campaigns
CatalogSecurityRoles Catalogs
ProfileReaderRole and ProfileWriterRole Profiles
TransactionReaderRole and TransactionWriterRole Transactions
TransactionConfigReaderRole and TransactionConfigWriterRole TransactionConfig

The Commerce Server run-time database tables can reside in one database, or each resource can have run-time tables in its own database.

These scripts are designed to work with SQL server for data stored in the Commerce Server runtime databases and the Administration database. They are not designed for use with Microsoft Active Directory or an Oracle database.

See Also

Scripts for Securing Databases Accessed by Reports

Scripts for Securing Databases Accessed by DTS Tasks

Deploying Commerce Server Using Windows Authentication

Securing the Administration Database

Securing the Direct Mailer Database

Securing a Predictor Deployment

Copyright © 2005 Microsoft Corporation.
All rights reserved.