SharePoint custom permission for db_owner is removed after content database dismount and mount operations

Applies to: SharePoint Server 2019

Symptoms


After adding users to a SQL database in SharePoint, and then performing dismount and mount operations, the users' db_owner permission is removed. 

 

Cause


This situation occurs when the following steps are taken:

  1. Add two users to the content database with db_owner and SPDataAccess permissions.
  2. Detach the database using Dismount-SPContentDatabase.
  3. Run Mount-SPContentDatabase.

The two users are present in the SQL database, but the db_owner permission has been removed.

SharePoint currently strips all members of ContentDB's DBO role (except for the user running the upgrade) as part of an improved security model.

Resolution


To run the scenario and retain the db_owner permission, you must first modify the registry:

  1. Locate and then select the following registry subkey:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Shared Tools\Web Server Extensions\16.0\WSS\
  2. Select Edit, then New, and then select DWORD Value.
  3. Enter BypassDboDropMember, and then select the Enter key.
  4. In the Details pane, select and hold (or right-click) BypassDboDropMember, and then select Modify.
  5. In the Value data box, enter 1, and then select OK.
  6. Exit the Registry Editor.