Just as I did with a previous blog post documenting:
Microsoft Lync Server 2010 Enterprise Pool SQL Database Permissions
https://blog.terenceluk.com/2011/01/microsoft-lync-server-2010-enterprise_31.html
… this post serves to document the default permissions assigned to the Monitoring and Archiving servers’ databases.
Archiving Server
The LcsLog database belonging to the archiving server only has one Lync Server 2010 related service account assigned in the security properties of the database:
The RTCComponentUniversalServices account is assigned the following permissions:
Using the sp_helplogins stored procedure to list the permissions of the database will yield the following:
|
LoginName |
DBName |
UserName |
UserOrAlias |
|
SomeDomainRTCComponentUniversalServices |
LcsLog |
SomeDomainRTCComponentUniversalServices |
User |
|
SomeDomainRTCComponentUniversalServices |
LcsLog |
ServerRole |
MemberOf |
|
sa |
LcsLog |
db_owner |
MemberOf |
|
sa |
LcsLog |
dbo |
User |
Monitoring Server
The monitoring server writes to 2 databases:
LcsCDR
The LcsCDR only has only one Lync Server 2010 related service account assigned in the security properties of the database:
The RTCComponentUniversalServices account is assigned the following permissions:
QoEMetrics
As with the LcsCDR database, the QoEMetrics database only has only one Lync Server 2010 related service account assigned in the security properties of the database:
The RTCComponentUniversalServices account is assigned the following permissions:
Using the sp_helplogins stored procedure to list the permissions for both databases will yield the following:
| LoginName | DBName | UserName | UserOrAlias |
| SOMEDOMAINRTCComponentUniversalServices | LcsCDR | SOMEDOMAINRTCComponentUniversalServices | User |
| SOMEDOMAINRTCComponentUniversalServices | LcsCDR | ReportsReadOnlyRole | MemberOf |
| SOMEDOMAINRTCComponentUniversalServices | LcsCDR | ServerRole | MemberOf |
| SOMEDOMAINRTCComponentUniversalServices | QoEMetrics | SOMEDOMAINRTCComponentUniversalServices | User |
| SOMEDOMAINRTCComponentUniversalServices | QoEMetrics | ServerRole | MemberOf |
| SOMEDOMAINlyncreport | LcsCDR | Lyncreport | User |
| SOMEDOMAINlyncreport | LcsCDR | ReportsReadOnlyRole | MemberOf |
| SOMEDOMAINlyncreport | QoEMetrics | Lyncreport | User |
| SOMEDOMAINlyncreport | QoEMetrics | ReportsReadOnlyRole | MemberOf |
| sa | LcsCDR | db_owner | MemberOf |
| sa | LcsCDR | dbo | User |
| sa | QoEMetrics | db_owner | MemberOf |
| sa | QoEMetrics | dbo | User |
Hope this helps anyone who may be scrambling to find somewhere to reference what the default permissions for the monitoring and archiving databases are.
