Im using sql server 2012 and transactional replication. For replication security, I created a user on subscriber, publisher and gave db_owner permissions to that user. I also gave db_owner permission to that user to distribution database. It also includes adding this user to PAL (Publication Access List).
But as per this link, giving db_owner permission will give the complete control on the database, also includes permission to delete the database. How can we overcome this problem, are there any alternatives to this.
Any other ways to implement replicaiton security.
Please help.
Replication requires db_owner level access to most all databases involved. Checkout my article series here: http://www.sqlservercentral.com/stairway/72401/
In short, there is no alternative. Use separate accounts with strong passwords for replication and do not reuse those accounts elsewhere to minimise the probability for misuse.