DNN Community Blog

The Community Blog is a personal opinion of community members and by no means the official standpoint of DNN Corp or DNN Platform. This is a place to express personal thoughts about DNNPlatform, the community and its ecosystem. Do you have useful information that you would like to share with the DNN Community in a featured article or blog? If so, please contact .

The use of the Community Blog is covered by our Community Blog Guidelines - please read before commenting or posting.


Running DotNetNuke With Limited SQL Permissions

History

At one time you could install and run DNN using a SQL User that only had limited permissions (db_datareader, db_datawriter, db_ddladmin and db_securityadmin).  This worked  fine until SQL Server SP2 (or one of the following security patches), and then it stopped working and you would get an error when installing the database.  The installation was able to create all the objects (tables, SPROCS, etc) but when the code ran to grant Execute permission to all the stored procedures (SPROCS) / user defined tables (UDF) the permissions the SQL user had were not enough and the grant could not be done (although it could be granted before the patch).  Since this was caused by one of the SQL patches, there was nothing we could do in the code or IIS to overcome this issue, but a solution was found.  At that time I meant to post the solution, but somehow it got overlooked and I did not do the post.  So now I am finally doing the post.  Although it is very late, I hope this still helps some people who want to run DNN with a SQL user who only has the permissions above.

Solution

The solutions is really very simple.  Because the code cannot grant Execute permissions on the SPROC’s and UDT’s, the solutions is simply a matter of granting the user Execute rights at the database level.  Below are the steps on how to do this.

1) Create the user just like you would with db_datareader, db_datawriter, db_ddladmin and db_securityadmin permissions.

2) Right click on the database for your install and select properties on the menu that appears.

3) Under “Select a page” left click on the “Permissions” option.

4) Select the name of the user you are using in the connectionString for DNN.

5) Under the “Permissions for {UserName}”, the Explicit tab – Scroll down until you find the Execute permission and make sure the Grant checkbox is checked (see screenshot below).

 DB Properties

 

6) Click the [OK] button to save the changes and now your install should work fine with at SQL user that has limited permissions.

Conclusion

For those of you who like running your DNN site using the above scenario I hop this helps alleviate any installation issue you have.  For those of you who want to run you site in an even more secure SQL setup (user who has no permissions but executing SPROC and UDF’s), you can read a previous blog a did almost three years ago called “Most-Under-Used-Security-Feature-in-DNN”.

Comments

Sebastian Leupold
Note: some upgrades might require db_owner permission, e.g. for modifying database settings like compatibility level.
If you run upgrade script without db_owner permission, you will face an execution error (you may ignore) and manually modify these settings using a server administrator account or a database user with db_owner permission.
Sebastian Leupold Tuesday, March 10, 2015 5:21 AM (link)

Comment Form

Only registered users may post comments.

NewsArchives


Aderson Oliveira (15)
Alec Whittington (11)
Alex Shirley (10)
Andrew Nurse (30)
Andy Tryba (1)
Anthony Glenwright (5)
Antonio Chagoury (28)
Ash Prasad (32)
Ben Schmidt (1)
Benjamin Hermann (25)
Benoit Sarton (9)
Beth Firebaugh (12)
Bill Walker (36)
Bob Kruger (5)
Bogdan Litescu (1)
Brian Dukes (2)
Brice Snow (1)
Bruce Chapman (20)
Bryan Andrews (1)
cathal connolly (55)
Charles Nurse (163)
Chris Hammond (209)
Chris Paterra (55)
Clinton Patterson (41)
Cuong Dang (21)
Daniel Bartholomew (2)
Daniel Mettler (154)
Dave Buckner (2)
David Poindexter (4)
David Rodriguez (3)
Dennis Shiao (1)
Doug Howell (11)
Erik van Ballegoij (30)
Ernst Peter Tamminga (74)
Geoff Barlow (10)
George Alatrash (6)
Gifford Watkins (3)
Gilles Le Pigocher (3)
Ian Robinson (7)
Israel Martinez (17)
Jan Blomquist (2)
Jan Jonas (3)
Jaspreet Bhatia (1)
Jenni Merrifield (6)
Joe Brinkman (274)
John Mitchell (1)
Jon Henning (14)
Jonathan Sheely (4)
Jordan Coopersmith (1)
Joseph Craig (2)
Kan Ma (1)
Keivan Beigi (3)
Ken Grierson (10)
Kevin Schreiner (6)
Leigh Pointer (31)
Lorraine Young (60)
Malik Khan (1)
Matthias Schlomann (15)
Mauricio Márquez (5)
Michael Doxsey (7)
Michael Tobisch (3)
Michael Washington (202)
Miguel Gatmaytan (3)
Mike Horton (19)
Mitchel Sellers (28)
Nathan Rover (3)
Navin V Nagiah (14)
Néstor Sánchez (31)
Nik Kalyani (14)
Peter Donker (54)
Philip Beadle (135)
Philipp Becker (4)
Richard Dumas (22)
Robert J Collins (5)
Roger Selwyn (8)
Ruben Lopez (1)
Ryan Martinez (1)
Salar Golestanian (4)
Sanjay Mehrotra (9)
Scott McCulloch (1)
Scott S (11)
Scott Wilkinson (3)
Scott Willhite (97)
Sebastian Leupold (80)
Shaun Walker (237)
Shawn Mehaffie (17)
Stefan Cullmann (12)
Stefan Kamphuis (12)
Steve Fabian (31)
Timo Breumelhof (24)
Tony Henrich (3)
Torsten Weggen (2)
Vicenç Masanas (27)
Vincent Nguyen (3)
Vitaly Kozadayev (6)
Will Morgenweck (40)
Will Strohl (165)
William Severance (5)

Content Layout

Subscribe to DNN Digest

Subscribe to DNN Digest

DNN Digest is our monthly email newsletter. It highlights news and content from around the DNN ecosystem, such as new modules and themes, messages from leadership, blog posts and notable tweets. Keep your finger on the pulse of the ecosystem by subscribing.  


Copyright 2017 by DNN Corp Terms of Use Privacy
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out
What is Liquid Content?
Find Out