Granular Permissions Not Installed on SAP ASE

This section describes the minimum permissions required for the Sybase (SAP ASE) administrator user when the Granular Permissions module is not installed on SAP ASE (sp_configure enable_granular_permissions, 0).

Respective administrator permissions must be provided for the following operations:

Test Connection
Aggregation
Provisioning

The minimum Administrative Account permission required to be granted for provisioning is SSO_ROLE (System Security Officer). The following scripts must be used to create minimum permission user and role. These permissions must be run by a SA or administrator-level login user.

Log in using administrator credentials and create a new user on managed system using the following command:
Copy
```
sp_addlogin [loginname],[password]
go
```

Add a database user:

Copy

use [databaseName]
go
sp_adduser [loginname], [databseUserName]
go

Grant read-only access to the newly created user using the following command:
Copy
```
grant select on master..sysloginroles to [username]
grant select on master..syssrvroles to [username]
```
To access user-defined databases, create an account on that database as follows:
Query to create Database user:
Copy
```
use [databaseName]
go
sp_adduser [username], [databaseUserName]
go
```

Feedback is provided as an informational resource only and does not form part of SailPoint's official product documentation. SailPoint does not warrant or make any guarantees about the feedback (including without limitation as to its accuracy, relevance, or reliability). All feedback is subject to the terms set forth at https://developer.sailpoint.com/discuss/tos.


	You are here:

Granular Permissions Not Installed on SAP ASE

Documentation Feedback