Before you start the installation of the Application Server Database you should consider following points that influence security aspects of your Redbex installation.
The accessing user is a SQL Server login or a Windows user (depending on the authentication model used by your SQL Server) that is used by the Application Server to access the data in the Application Server Database.
All read and write operations are performed as that user, therefore that user has full read and write permissions on all data in the database (roles db_datareader and db_datawriter. We suggest to use a separate user account as the accessing user that is only used by the Application Server. As always the password for that user should be a strong password.
For security reasons we also strongly recommend to not use an SQL server login with SQL server roles sysadmin, securityadmin, servaradmin or setupadmin.
If you advice the Setup Program to create the accessing user for you that user will be given the roles db_datawriter and db_datareader automatically.
The manager user is a Redbex user that is created during installation of the Application Server database. This user will automatically be granted privileges to read and write most data in Redbex. We recommend to not use this user for your every day work with Redbex but only for administrative tasks. As always the password for that user should be a strong password.
