xaminmo: Josh 2016 (Default)
[personal profile] xaminmo
Because the AvePoint docs are somewhat Engrish and overall not so great, IBM has released a nice whitepaper at:
https://www-304.ibm.com/support/docview.wss?uid=swg21474709

I've annotated below with asterisk notes.


Perms for Granular Backup :
1. Farm Admin within SharePoint
2. Web application policy within SharePoint
3. Local administrator where the particular DocAve Agent is installed
4. DBO permissions to the Content Databases and Central admin databases

Perms for Granular Backup including MySites :
1. Farm Admin within SharePoint
2. Web application policy within SharePoint
3. Full Control to Personalization Services within SharePoint
4. Local administrator where the particular DocAve Agent is installed.
5. Dbo permissions to the Content Databases and Central admin databases

Perms for Platform Backup :
1. Farm Admin within SharePoint
2. Web application policy within SharePoint
3. Local administrator where the particular DocAve Agent is installed
4. DBO permissions to the Content Databases and Central admin databases with SQL
5. Security Admin within SQL
* NOTE: You need a member agent installed on each active SQL server.
* NOTE: You need a member agent on each cluster node to get the cluster configs
* NOTE: Install a member agent on each WFE to spread the small-request load around since the agents are single threaded.

Perms How to grant SQL Sysadmin
1. Please open SQL Server Management Studio and connect to the SharePoint SQL instance.
2. Please go to Security -> Server Roles -> sysadmin.
3. Please click on Add button and add DocAve Agent account into this group.

How to give Local Admin permissions
1. Please log in to XXX server and go to Server Manager.
2. Please go to Configuration -> Local Users and Groups -> Groups -> Administrators.
3. Please click on Add button and add DocAve Agent account into this group.

Granting the Agent Farm Admin permissions
1. Please log in to SharePoint Central Admin.
2. Please go to Site Actions -> Site Settings -> Advanced permissions.
3. Please click on New button to add the Agent account into the Farm Administrators group.

Granting SSP Admin permissions
1. Please log in to SharePoint Central Admin and click on the Shared Services Administration instance.
2. Please click on Personalization services permissions.
3. Please add DocAve Agent account with all permissions listed.

Adding a user to Web Application Policy - Moss 2007:
1. Please log in to SharePoint Central Admin.
2. Please go to Application Management -> Policy for Web application.
3. Please add DocAve Agent account with full control for the (specific) web application.

Adding a user to Web Application Policy - SharePoint 2010:
1. Please log in to SharePoint Central Admin and click on Manage web applications.
2. Please select the Web Application and click on the User Policy button.
3. Please click on Add Users and add DocAve Agent account with full control.

Three additional permissions need to be granted:
Act as part of the operation system, Log on as a batch job and Replace a process level token. Please follow the steps below to add the corresponding permissions for one user.
1. Navigate to Start->Run, enter gpedit.msc in the pop-up window.
2. Navigate to Computer Configuration->Windows Settings->Security Settings->Local Policies->User Rights Assignment and add the corresponding user to the three policies on the right of the window.

For Content Manager module, the following permissions are required:
1. The Read and Write permissions for the installation path of the Agent.
2. The permission to create Event Logs:
a. Navigate to Start->Run, enter regedit in the pop-up window.
b. Find the corresponding key:
HKEY_LOCAL_MECHINE\SYSTEM\CurrentControlSet\servicecs\Eventlog
c. Right click on the key and click Permissions to add the corresponding permissions for the user.
NOTE: If the module could not be used after you add the permissions above, please assign Local Admin permission to the corresponding user.

For Replicator module, Auditor module and the other functions under the Administration module
The Local Admin permission is required.

Profile

eserver: (Default)
IBM POWER servers

June 2017

S M T W T F S
    123
45678 910
11121314151617
18192021222324
252627282930 

Syndicate

RSS Atom

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Jul. 22nd, 2017 10:43 am
Powered by Dreamwidth Studios