Agent for SharePoint Guide › Configure SharePoint › Permissions Required for Trusted Identity Provider and Claims Provider
Permissions Required for Trusted Identity Provider and Claims Provider
Users who create the trusted identity provider and install or configure the SharePoint claims provider need the following permissions:
- User account permissions
-
User accounts require the following privileges:
- Domain user account.
- Member of Local administrator group on each SharePoint server in the farm (except for the SQL Server and SMTP server)
- Access to the SharePoint 2010 server databases.
- Setup User Account
-
The setup user account requires the following permissions:
- Member of the WSS_ADMIN_WPG Windows security group.
- Member of the IIS_WPG role group.
- Database permissions
-
The following database permissions are required:
- db_owner on the SharePoint Server 2010 server farm configuration database.
- db_owner on the SharePoint Server 2010 Central Administration content database.
- PowerShell scripts for Claims Provider
-
Running the PowerShell scripts for the Claims Provider requires the following permissions:
- Local administrator on all SharePoint web front end (WFE) servers.
- Access (read/write) to the configuration database.
Note: The preceding permissions apply when the user is not an Administrator or not part of an Administrator group.
Copyright © 2013 CA.
All rights reserved.
|
|