Due to a long-winded cock-up, I spent last night rebuilding our McAfee ePolicy Orchestrator server.
It had originally been configured to use a global Domain Admin account which I'm trying to purge, so I took the opportunity to use a service account to set up the database.
I got access errors so, in the interests of at least having an AV server for the morning, I used my own admin account with a view to changing it come the morning.
McAfee's documentation is very helpful in telling me that I can use https://servername:port/core/config to change the Database Owner.
However, it doesn't seem to go as far as saying what privileges that account actually needs.
I added my service account to the now-built-in SQL groups on the local machine, put in the credentials to McAfee and hit Test Connection; the connection was successfully made, so I restarted the server.
When it came back up, I couldn't login, because it couldn't talk to the database. A quick bit of manual-file-hacking later and I'm back up and running, with my own admin account again.
I don't particularly want to do a lot of that, so does anyone know what rights I need to grant my intended service account to allow it to operate as the database owner?