Database Logins, Users, and Roles (Master Data Services)

Master Data Services includes logins, users, and roles that are automatically installed on the SQL Server Database Engine instance that hosts the Master Data Services database. These logins, users, and roles should not be modified.

Logins

Login

Description

mds_dlp_login

Allows creation of UNSAFE assemblies. For more information, see Creating an Assembly.

  • Disabled login with randomly-generated password.

  • Maps to dbo for the Master Data Services database.

  • For msdb, mds_clr_user maps to this login.

mds_email_login

Enabled login used for notifications.

For msdb and the Master Data Services database, mds_email_user maps to this login.

msdb Users

User

Description

mds_clr_user

Not used.

  • Maps to mds_dlp_login.

mds_email_user

Used for notifications.

  • Maps to mds_email_login.

  • Is a member of the role: DatabaseMailUserRole.

Master Data Services Database Users

User

Description

mds_email_user

Used for notifications.

  • Has SELECT permission for the mdm schema.

  • Has EXECUTE permission for the mdm.MemberGetCriteria user defined table type.

  • Has EXECUTE permission for the mdm.udpNotificationQueueActivate stored procedure.

mds_schema_user

Owns the mdm and mdq schemas. The default schema is mdm.

Does not have a login mapped to it.

mds_ssb_user

Used to execute Service Broker tasks.

  • Has DELETE, INSERT, REFERENCES, SELECT, and UPDATE permission all schemas.

  • Does not have a login mapped to it.

Master Data Services Database Role

Role

Description

mds_exec

This role contains the account you designate in Master Data Services Configuration Manager when:

  • You create a Master Data Services database and designate a service account.

  • You create a Master Data Manager Web application and designate an account for the application pool.

You should use the same account in both cases.

The mds_exec role has:

  • EXECUTE permission on all schemas.

  • ALTER, INSERT, and SELECT permission on these tables:

    • mdm.tblStgMember

    • mdm.tblStgMemberAttribute

    • mdm.tbleStgRelationship

  • SELECT permission on these tables:

    • mdm.tblUser

    • mdm.tblUserGroup

    • mdm.tblUserPreference

  • SELECT permission on these views:

    • mdm.viw_SYSTEM_SECURITY_NAVIGATION

    • viw_SYSTEM_SECURITY_ROLE_ACCCESSCONTROL

    • mdm.viw_SYSTEM_SECURITY_ROLE_ACCCESSCONTROL_MEMBER

    • mdm.viw_SYSTEM_SECURITY_USER_MODEL

Schemas

Role

Description

mdm

Contains all Master Data Services database and Service Broker objects other than the functions contained in the mdq schema.

mdq

Contains Master Data Services database functions related to filtering member results based on regular expressions or similarity, and for formatting notification e-mails.

Change History

Content update

Updated descriptions of the schemas.