Permissions

You will need users with the following permissions to interact with SharePoint:

1. Create a designated domain user in the domain in which SharePoint works (for example, siq_wss).

   • For Access Fulfillment support, assign that user as a “Site Collection Administrator” for all Site Collections, using the Web Application Policy Rule to assign these permissions.

   • If the IIS log file configuration is set to Automatic, the user must be an Administrator on all the front-end servers to access the IIS remote management API and the administrative shares.
     If the IIS log file configuration is set to Manual, assign the user Read permissions to access all IIS Logs on all front-end servers through the dedicated UNC share. See Configure View Activities Monitoring (Manual Mode Only) for further details.

2. In the installation package you can find the script called SIQGrantSharePointDBPermissions.sql under Collectors\scripts. This script can be used to generate a new user login with the required database permissions. To run the script:

   • Open the Collectors\scripts folder in the installation package.

   • Copy the script to one of the SharePoint servers.

   • Follow the instructions at the top and run the script in the SharePoint SQL Server.

3. Verify that the permissions were granted successfully
   The script should have the following messages:

   • “Successfully granted permissions to [Configuration DB]”

   • For each content database, a message “Successfully granted permissions to content db [Content DB Name]”

   • “Script execution completed successfully”