Replication security

The following information describes the general security environment for iBase Database Replication. However, there are no differences between security for replicated iBase databases and security for other types of replicated database. For detailed information on general replication security, refer to the Microsoft SQL Server documentation.

The following section also explains the SQL Server logins required by iBase administrators, in particular the permissions required for the iBase Conflict Viewer.

SQL Server Agent

Replication, in common with other SQL Server functions that use scheduled services, requires an SQLServerAgent service to be running on each SQL Server instance (whether Publisher, Distributor, or Subscribers). Configure the SQL Server Agent service to start automatically when the server starts up.

This service needs a Windows logon and password. For Windows logons, you can use one of the following:

  • A domain account. If the accounts belong to different domains, you might need to set up trust relationships between the domains. However, for SQL Server Agents, the account does not need to belong to the Windows Administrators group.
  • Local accounts. Each local account must be identical on all servers and must be a member of the local Administrators group.

The Merge and Snapshot Agents used by merge replication run within the security context of the SQL Server Agent. For more information, see the Microsoft SQL Server documentation.

The SQL Server Agent account needs appropriate permission to the snapshot folder on the server that acts as the Distributor.

Snapshot files and folder

The folder in which the initial snapshot files of the iBase data are stored must be available to the SQL Server Agent account for the Publisher and Subscribers. Specifically:

  • The Snapshot Agent that writes the initial snapshots from the Publisher requires Full Control.
  • The Merge Agent for each Subscriber requires Read access (because the Merge Agent must read the snapshot at each Subscriber before replication can start).

To ensure secure access to the snapshot files, use an explicit share rather than the administrative share, because accounts must be members of the Administrators group to access the administrative share.

In addition to the default permissions on this folder, the SQL Server Agent account for the Publisher needs read and write access to the contents of the folder so that it can read and write snapshot files.
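The following PowerShell script is an added example, not taken from the iBase or Microsoft documentation, that sets up the snapshot folder as an explicit share with the access levels listed above and then prints the result for review. The folder path, share name, and account names are assumptions; run it in an elevated session on the server that acts as the Distributor.

```powershell
# Assumed values (not from the iBase documentation): replace with your own.
$SnapshotPath    = 'D:\ReplData\iBaseSnapshot'    # hypothetical snapshot folder
$ShareName       = 'iBaseSnapshot'                # explicit share, not D$ or ADMIN$
$PublisherAcct   = 'CONTOSO\svc-sqlagent-pub'     # SQL Server Agent account, Publisher
$SubscriberAccts = @('CONTOSO\svc-sqlagent-sub1', # SQL Server Agent accounts, Subscribers
                     'CONTOSO\svc-sqlagent-sub2')

New-Item -ItemType Directory -Path $SnapshotPath -Force | Out-Null

# Access each agent account needs: Full Control for the Snapshot Agent
# (Publisher), Read for the Merge Agent at each Subscriber.
$grants = [ordered]@{}
$grants[$PublisherAcct] = 'FullControl'
foreach ($acct in $SubscriberAccts) { $grants[$acct] = 'Read' }

# NTFS permissions: add the grants on top of the folder's default permissions,
# inherited by the snapshot subfolders and files.
$acl = Get-Acl -Path $SnapshotPath
foreach ($entry in $grants.GetEnumerator()) {
    $rule = [System.Security.AccessControl.FileSystemAccessRule]::new(
        $entry.Key, $entry.Value, 'ContainerInherit,ObjectInherit', 'None', 'Allow')
    $acl.AddAccessRule($rule)
}
Set-Acl -Path $SnapshotPath -AclObject $acl

# Share permissions: name only the agent accounts on the explicit share.
if (-not (Get-SmbShare -Name $ShareName -ErrorAction SilentlyContinue)) {
    New-SmbShare -Name $ShareName -Path $SnapshotPath `
        -FullAccess $PublisherAcct -ReadAccess $SubscriberAccts | Out-Null
}

# Review: warn if the share is open to broad groups, then list both ACLs.
$broad = 'Everyone', 'NT AUTHORITY\Authenticated Users', 'BUILTIN\Users'
Get-SmbShareAccess -Name $ShareName |
    Where-Object { $_.AccountName -in $broad -and $_.AccessControlType -eq 'Allow' } |
    ForEach-Object { Write-Warning "Share grants $($_.AccessRight) to $($_.AccountName)" }

Get-SmbShareAccess -Name $ShareName |
    Format-Table AccountName, AccessControlType, AccessRight -AutoSize
(Get-Acl -Path $SnapshotPath).Access |
    Format-Table IdentityReference, FileSystemRights, IsInherited -AutoSize

# UNC path to give to replication as the snapshot location.
"\\$env:COMPUTERNAME\$ShareName"
```

The effective access over the network is the more restrictive of the share and NTFS permissions, so both listings need to show the intended level for each account.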

Security mode

Connections to a server (Publisher, Distributor, or Subscribers) can use Windows Authentication or SQL Server security. Windows Authentication provides greater security and general ease of use.

SQL Server login and roles for SQL Server administrators

To enable replication on the servers that hold the iBase databases, you must be an SQL Server system administrator.

After replication is enabled, you do not need to be an SQL Server system administrator to configure publications and subscriptions, or to invoke or schedule the replication agents. You must be in the sysadmin or db_owner roles to create publications, create subscriptions, and attach subscription databases.

SQL Server login and roles for iBase administrators

If you follow the configuration method for iBase database replication that uses attachable subscription databases, you must grant the logins for the iBase administrators access to the subscription databases, because they lose their access rights as a result of this configuration method.

The user responsible for conflict resolution in iBase must have the necessary permissions to access the SQL Server conflict tables. You grant this access by adding their login name to the Publication Access List.