updating mssql docs (#3477)

2017-10-19 11:21:29 -04:00 · 2017-10-19 11:21:29 -04:00 · df29bc4fc0
parent d150f374fd
commit df29bc4fc0
1 changed files with 11 additions and 1 deletions
--- a/website/source/docs/secrets/databases/mssql.html.md
+++ b/website/source/docs/secrets/databases/mssql.html.md
@ -26,13 +26,23 @@ configuration:
 ```
 $ vault write database/config/mssql \
    plugin_name=mssql-database-plugin \
-    connection_url='sqlserver://sa:yourStrong(!)Password@localhost:1433' \
+    connection_url='server=localhost;port=1433;user id=sa;password=Password!;database=AdventureWorks;app name=vault;' \
    allowed_roles="readonly"

 The following warnings were returned from the Vault server:
 * Read access to this endpoint should be controlled via ACLs as it will return the connection details as is, including passwords, if any.
 ```

+In this case, we've configured Vault with the user "sa" and password "Password!",
+connecting to an instance at "localhost" on port 1433. It is not necessary
+that Vault has the sa login, but the user must have privileges to create
+logins and manage processes. The fixed server roles `securityadmin` and
+`processadmin` are examples of built-in roles that grant these permissions. The
+user also must have privileges to create database users and grant permissions in
+the databases that Vault manages.  The fixed database roles `db_accessadmin` and
+`db_securityadmin` are examples or built-in roles that grant these permissions.
+
+
 Once the MSSQL connection is configured we can add a role:

 ```