Versions Compared

Old Version 2

changes.mady.by.user Luis Diego Vargas Guell

Saved on

compared with

New Version 3

changes.mady.by.user Luis Diego Vargas Guell

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleDatabase Permissions Checklist

After doing all the changes specified previously, this is the complete list of user database roles as they should be.

Database NameRole
SharePoint_Config
  • SPDataAccess
  • SharePoint_Shell_Access
SharePoint_AdminContent_<GUID>
  • SPDataAccess
  • WSS_Content_Application_Pools
  • SharePoint_Shell_Access
Bdc_Service_DB_<GUID>
  • SPDataAccess
Search_Service_Application_AnalyticsReportingStoreDB_<GUID>
  • SPSearchDBAdmin
Search_Service_Application_CrawlStoreDB_<GUID>
  • SPSearchDBAdmin
Search_Service_Application_DB_<GUID>
  • SPSearchDBAdmin
Search_Service_Application_LinksStoreDB_<GUID>
  • SPSearchDBAdmin

 

Note

Since SharePoint setup user and server farm account have these privileges, it is recommended to use one of those accounts for this. Setup user is recommended, since it has machine admin rights as well.

...

Security Pre-Trimmer

...

The Security PreTrimmer requires that the user identity sent to it contains at least one of the following claim types: 

  • claims/userlogonname: This is for windows authentication. The pretrimmer will use this value to send it to the Aspire Group Expansion.
  • claims/primarysid: This is for other types of authentication (e.g. ADFS). The pretrimmer will take the primary SID value and translate it into a valid user id to send it to the Aspire Group Expansion.

...