Configuring Dataedo Web in domain use

Applies to: Dataedo 10.x versions, Article available also for: 24.x (current), 23.x
You are looking at documentation for an older release.
Switch to the documentation for Dataedo 23.x.


When installing Dataedo Web, a service user is created to run the app - by default, it's named IIS APPPOOL\DataedoPool. Since the server can't impersonate other domain users at this point, any connections to a repository database using Windows or domain authentication can only authenticate as this service user.

If the repository database server you're connecting to does not allow non-domain users, you have two options - either grant the IIS app pool user the required permissions (details below) or change the IIS app pool user to one that already has them.

Creating a repository using domain authentication

To create a repository, the user requires the CREATE ANY DATABASE permission. Other required database permissions are automatically granted during repository creation.

Connecting to an existing repository using domain authentication

To connect to an existing repository, the user needs to be added to ADMINS and USERS roles in the database - these are roles created by Dataedo in the repository database during its creation.

If you want to be able to upgrade repository from Dataedo Web, the user also should be granted the db_owner role.

Managing users from Dataedo Web

Currently Dataedo Web uses database logins to authenticate users. If you want to manage database users from Dataedo Web, the IIS app pool user needs to be granted the security_admin server role. You can always manage users manually or using Dataedo Administration console otherwise.

Found issue with this article? Comment below
Comments are only visible when the visitor has consented to statistics cookies. To see and add comments please accept statistics cookies.
There are no comments. Click here to write the first comment.