7 thoughts on “Master Data Services – Change System Administrator

  1. Hi Jeanne,

    Do we need to consider anything in terms of changing the application pool identity in IIS?


    • Hi,

      You will need to check if the application pool is using your AD account as its identity and change that to a system account as well if it is being used.

      • Well, it looks like this is not relevant to MDS 2016 as that stored proc doesn’t exist on there at all. It’s now done through the front end using the Super User function in User and Group Permissions section (Functions tab when editing a user).

  2. Interesting way of doing things.

    I have to admit I have wrangled using Service Accounts with MDS for quite a while (SQL Server 2016) – to get service accounts to work (and more importantly, having access to be able to log into the UI!) I find that I need to create either the MDS Database or the MDS application using my own account, get it working, then switch over to the service account. If I attempt to create the application straight up using the service account, I am generally greeted with a very stark and annoying “Access is denied” error message.

    It took me a few moments to realise that the reason I can’t log into the UI was because I wasn’t a user in the system.

    Am I the only one who finds this rather annoying? I have a preference to setup things from the beginning using the appropriate and assigned service accounts, in the same way you would a new SQL Server instance.

    I wish Microsoft would try a touch harder with this otherwise useful tool.

    • I actually had the same issue not so long ago with setting up the DB with the service account first. Luckily I was able to log in with the service account and add myself as a super user.

      Would be nice if you could add users from the config manager as well.

      • Thanks Jeanne! At least I am not the only one who has had issues with this.

        And yes, I agree – all they need is the ability to create a user in the Configuration app and all this angst would go away (you would not believe how much hassle I get from my audit and security team over having personal accounts attached to applications).


  3. Hi,

    I want to make the service account I am using as super user, this service account ID in the table mdm.tblUser is 1, but it does not have the full access, like granting update to an entity in one of the models.

    Can someone help.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.