AD accounts for repository connection

During Dataedo Portal installation, a service user is created to run the app. By default, it's named IIS APPPOOL\DataedoPool. To use AD authentication for the repository connection, you either need to assign this user the correct database permissions or change this user to another account that already has them granted.

To change the user, open the IIS Manager and find the DataedoPool on the list of application pools.

Open the advanced settings for the application pool:

Then click the [...] button to specify the account details.

Switch to Custom account, then click the Set button. Provide the domain, login, and password used to run Dataedo.

Required filesystem permissions

Ensure the user has Read, Write, and Modify permissions on the entire folder for Dataedo Portal.

Required database permissions

To create a repository, the user requires the CREATE ANY DATABASE permission. Other required database permissions are automatically granted during repository creation.

To connect to an existing repository, the user must be added to ADMINS and USERS database roles. These are roles created by Dataedo in the repository during its creation.

If you want to be able to upgrade the repository from Dataedo Portal, the user should also be granted the db_owner role.

End-user authentication with Active Directory

Dataedo Portal can also authenticate end users with their AD credentials. To do this, on the login screen, provide your login in the DOMAIN\login format and your password. The application will check these credentials and let you know if they're correct.

Note that you need to assign access levels within Dataedo Portal app separately. You can also use our ADKit to add AD group members to access groups in Dataedo Portal.