Dbmlsync servers are started (either using the command line or the StartServer method) using a connection string that provided
a database userid and password (for example, server_userid). In addition, the Connect method of the Dbmlsync API requires a valid database userid (for example, client_userid).
Client_userid is used only to validate whether this client has sufficient permissions to synchronize the database. When synchronizations
are performed server_userid is used.
In SQL Anywhere 12 and earlier, both client_userid and server_userid required DBA or REMOTE DBA permissions.
In SQL Anywhere 16 and later, server_userid must have sufficient privileges to synchronize. At a minimum, server_userid must have the SYS_RUN_REPLICATION_ROLE system role but other privileges may be required to allow synchronization. Client_userid must either:
Be the same as server_userid, or
Have the SYS_AUTH_DBA_ROLE system role, or
Have a user-extended role based on server_userid, for example:CREATE ROLE FOR USER server_userid;GRANT server_userid to client_userid;
While the last option ensures that client_userid has at least as many system privileges as server_userid, it is also possible for server_userid to have object-level privileges not granted to its role and therefore client_userid would not have those privileges. If those privileges are used during synchronization, then client_userid has effectively increased its privileges to perform the synchronization. If this is not acceptable, ensure that all of server_userids object-level privileges are granted to its user-extended role.