Microsoft KB Archive/823833

= INFO: Grant the Correct Access Permissions to a Commerce Server Administration Database Connection String =

Article ID: 823833

Article Last Modified on 9/24/2003

-

APPLIES TO


 * Microsoft Commerce Server 2002 Standard Edition
 * Microsoft Commerce Server 2000 Standard Edition

-



SUMMARY
The administration database connection string for Commerce Server is contained in the registry in an encrypted format. By default, read access to the registry is available to valid Microsoft Windows NT accounts on the computer. It is a good idea to grant access permissions to the registry only to required resources and users for the computer.

If you select SQL authentication when you install Commerce Server, the logon password is stored in ADMINDBPS as an encrypted binary value. This value is located in the registry under the following registry key:

The Internet Guest Account must have read access to ADMINDBPS.

Additionally, you can delete DMLDBP and DMLDBPS after you install Commerce Server. (DMLDBP and DMLDBPS are used for temporary storage for Direct Mailer settings only.)



Commerce Server 2002
It is a good idea to use Windows authentication for the Microsoft SQL Server connection strings to the Commerce Server 2002 databases instead of SQL authentication. If you use SQL authentication, consider the following Commerce Server 2000 guidelines.

Commerce Server 2000
To install Commerce Server, you must use a user account that has the correct permissions to work with the Commerce Server databases. This user account does not have to be an administrative SQL Server account. Microsoft does not recommend that you use a SQL Server account that has system administrator permissions to gain access to the MSCS_Admin database.

Keywords: kbinfo KB823833

-

[mailto:TECHNET@MICROSOFT.COM Send feedback to Microsoft]

© Microsoft Corporation. All rights reserved.