Hey All – Recently ran into an issue where a customer had AvePoint installed in the farm (Which requires the DocAve account to have db_owner) and after every CU it’d remove an user that was manually granted db_owner. This is actually a security measure in place to make sure there isn’t an errant account left with db_owner permissions on the database. There are times when we want that account to stay (For things like third party tools or RBS..though they should find a way to use SP_DATA_ACCESS instead!) There is a registry key BypassDboDropMember that was added to SP2013 in the October 2016 CU and to SP2016 in the October 2017 CU (Note: You will need to be on these CU levels to gain access to this functionality) for bypassing this behavior:
Instructions For SP2013 (From support.microsoft.com link above):
Note: For SP2016 just change the registry subkey to 16.0
- After you install this update, you can follow these steps to control the metafiles optimization:
Start Registry Editor:
- In Windows Server 2012, if you’re using a mouse, move it to the upper-right corner, go to Search, enter regedit in the search text box, and then select regedit.exe in the search results.
- In Windows Server 2008, go to Start, enter regedit in the Search programs and files text box, and then select regedit.exe in the search results.
- Locate and then select the following registry subkey:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\15.0\WSS\
- On the Edit menu, point to New, and then select DWORD Value.
- Enter BypassDboDropMember, and then press the Enter key.
- In the Details pane, press and hold (or right-click) BypassDboDropMember, and then select Modify.
In the Value data box, enter 1, and then select OK.
Note If you don’t want to bypass the behavior, you can set the value to 0.
- Exit Registry Editor.