AnsweredAssumed Answered

SQL Server: WGNUser account has DBCREATOR permission.... Why?

Question asked by Beeks on Jun 6, 2014
Latest reply on Jun 7, 2014 by Beeks

After a fresh infrastructure isntall, why does the WGNUser account persist as having dbcreator permissions in SQL Server? I don't see why it should even have it in the first place. Sure, I have no problem with WGNUser being mapped to dbo, but server wide dbcreator? Leave dbcreator permission to the SA credentials that were entered during the installation wizard used to create the database and users.

What this essentially does, is enable WGNUser to create, alter, and drop as many databases as it wants to. If you point the CMS database to a server farm or shared instance, for example, WGNUser is now a vulnerability. If its credentials are compromised, then the whole server is as good as gone. I hope that the custom SQL searches available in the administration and data management consoles are fully able to sanitise their input...

The only one scenario I could think where this could be assumed to be needed, would be during a service pack or hotfix update in which drastical changes to the schema need to be made. Although those are rare, the most I usually see are modifications to sprocs, functions, and tables, all of this can be accomplished without.

Please confirm why this permission persists, and if it can safely be removed, leaving WGNUser db_owner permission as already configured.

Thanks.

Outcomes