Published 30 November 2017
Version 2.2.0 of SQL Clone introduced role-based permissions. These allow administrators to assign Active Directory users or groups into specific roles, enabling them to control who can do what with SQL Clone. These permissions apply on both the web UI and via PowerShell or other clients.
If you need more granular permissions (such as restricting access to a certain instance) you can also use our new teams feature introduced in version 4.
Users in the clone-only group can:
- view all images on the dashboard,
- create clones from any image,
- delete clones from any image,
- download and install agents onto their current machine,
- manually configure SQL Server instance locations if the agent does not find them automatically,
- view agent information on the Machines page,
- download and use PowerShell cmdlets (with the above restrictions applying to their use as well).
This role can be given to anyone who ought to be able to provision clones for themselves or others.
Users in the standard group can:
- do anything a clone-only user can,
- create images from live databases and backup files,
- run scripts during image creation (including changing database permissions),
- configure image storage locations,
- delete images,
- create a clone template on an image,
- delete clone templates,
- place images into teams that they are a member of.
This role should be given to users authorised to view data from the original data sources used to make the images.
Users in the administrator group can:
- do anything clone-only or standard users can,
- update (including disable) the Clone Server's license,
- update SQL Clone via the web UI,
- configure role-based permissions for any user,
- create, edit and remove teams.