Files and Permissions

This appendix lists the detailed, minimum file permission settings that must be in place for Microsoft Windows SharePoint Services to perform as designed.

Windows SharePoint Services Installation Directory

The Windows SharePoint Services installation directory is C:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\60 by default.

Installation directory User Permissions
\ADMISAPI

Users

Administrators

SYSTEM

Read & Execute

Full Control

Full Control

\BIN

Users

Administrators

SYSTEM

Read & Execute

Full Control

Full Control

\CONFIG

Users

Administrators

SYSTEM

Read & Execute

Full Control

Full Control

\ISAPI

Users

Administrators

SYSTEM

Read & Execute

Full Control

Full Control

\TEMPLATE

Users

Administrators

SYSTEM

Read & Execute

Full Control

Full Control

Web Site Content Area

This listing is for a Web site content area of \inetpub\wwwroot.

Web site content area User Permissions

\inetpub

 Note   All directories enclosing the content root will grant LIST permissions to these accounts.

\inetpub\wwwroot\_vti_pvt

Users

Administrators

SYSTEM

IIS_WPG

Internet Guest Account (IUSR_*)

Read & Execute, Read

Full Control

Full Control

Read & Execute, Read

Special Permissions

web.config

Users

Administrators

SYSTEM

IIS_WPG

Internet Guest Account (IUSR_*)

Read & Execute, Read

Full Control

Full Control

Read & Execute, Read, Special Permissions

Special Permissions

wpresources\web.config

Users

Administrators

SYSTEM

IIS_WPG

IUSR_*

Internet Guest Account (IUSR_*)

Read & Execute, Read

Full Control

Full Control

Read & Execute, Read, Special Permissions

Special Permissions

Windows Directory

Windows SharePoint Services also changes permissions for two folders in the Microsoft Windows directory (%WinDir%).

Windows directory User Permissions
%temp%

Administrators

SYSTEM

STS_WPG

Network Service (for a domain controller only)

Full Control

Full Control

Read, Write

Read, Write

%WinDir%\logfiles\STS

Administrators

SYSTEM

STS_WPG

Network Service (for a domain controller only)

Full Control

Full Control

Read, Write

Read, Write

 
 
Applies to:
Deployment Center 2003