...
Because each EmpowerID Windows Service accesses the EmpowerID database, service account users must have the right to alter the database on the target SQL server. Specifically, service accounts must have the following database capabilities:
Required Windows Service Rights |
|---|
Connect |
Authenticate |
Execute |
Delete |
Insert |
Select |
Update |
Alter — Needed on the following tables only to allow for truncation:
|
|
Required IIS Application Pool Rights
The application pool identity requires read access to the EmpowerID web site website folders. If you are using SharePoint, the The EmpowerID application pool requires read access to the SharePoint database and the SharePoint web site if you are using SharePoint. The SharePoint website application pool needs the same rights to the EmpowerID database as the EmpowerID application pool.
...
The EmpowerID service account interacts with the local machine to perform a variety of various maintenance procedures, including the distribution distributing and maintenance of maintaining new workflows and other Workflow Studio published items. The service account needs the following access rights on the local machine:
Required Local Machine rights |
|---|
Install files in to the local global assembly cache (GAC) |
Read the registry |
Read certificates in the local certificate store |
Spin child processes |
Run C# compiler in the background if and when necessary |
Create files in the temp folder |
Run remote PowerShell for Microsoft Exchange |
Create files and folders in the following locations:
|
Required Directory Management Rights
...
In addition to the above rights, the EmpowerID Worker Role Service and the EmpowerID Web Role Service each requires service accounts with additional rights. The specific rights needed by each service is as follows:
EmpowerID Windows Service | Service Account Rights Required |
|---|---|
EmpowerID Worker Role Service |
|
EmpowerID Web Role Service |
|
| Insert excerpt | ||||||
|---|---|---|---|---|---|---|
|