Required permissions changed after upgrade
pdolphin
Posts: 12
I have been running SQL Monitor 6 for some while using the permission setup as listed on the RedGate website https://documentation.red-gate.com/display/SM6/Permissions then I upgraded to version 7 and started getting alerts "Monitoring stopped (SQL Server credentials)" with a log error "User '' does not have permission to run DBCC DBINFO". I checked the https://documentation.red-gate.com/display/SM7/Permissions and nothing has changed from the older page. So I contacted tech support and they want make some changes to config files outside the normal UI and I don't understand why.
It seems like the tech is saying the assumption in version 7 is that you will run SQL Monitor as a sysadmin, which was not true in version 6 where you only had to manually activate the deadlock trace for SQL Monitor to be happy. This just does not seem right, especially for RedGate which seemed to respect the least privileged security concept or have they go the way of other venders where everything needs to be sysadmin or sa. You would think they would say something about it on the permissions page so people who don't want to use sysadmin would know what to do.
Rant aside, before I start using non-slandered configs and manually cutting out program functionality does anyone else know if there could be a different issue going on here or is this just a change between version 6 and 7?
Comments
The reason for this change is because we no longer switch to the database to run DBCC DBINFO as it improves support for Clusters and HA setups, and DBCC INFO requires sysadmin. We can't make the old way of querying work without breaking the improvements to the new areas I'm afraid. Unfortunately the only way (at present) to get rid of these alerts is to remove the alerting using the config.