Account permissions required by Sophos for Microsoft SharePoint

  • Article ID: 58866
  • Rating:
  • 1 customers rated this article 3.0 out of 6
  • Updated: 08 May 2014

This article outlines the required permissions of the services account and the user performing the installation.

Applies to the following Sophos product(s) and version(s)

Sophos for Microsoft SharePoint

Installing user

When installing Sophos for Microsoft SharePoint, you need to be logged on with local administrator rights. If you are in a domain, you must also be a domain user.

Note: By default the installer will create or attempt to use a local SOPHOS SQL instance for the Sophos for Microsoft SharePoint databases, if you want to use a different SQL instance then you need to be a member of the SQL Sysadmin role on this database server.

Services account

During the install you need to specify a services account for the Sophos for Microsoft SharePoint services. It is advised that the Farm account is not used because according to Microsoft guidance accounts used by application pools should not be in the Local Administrators group. The services account has the below requirements based on its scanning/cleaning functionality:

On-access (VSAPI) scanning for upload and download

The services account needs to be a member of the below groups:

  • Local Administrators
  • Farm Administrators

Note: If SharePoint connects to your SharePoint databases using Windows authentication, this account must also be a member of the SQL Sysadmin role on the database server.

On-demand and scheduled scanning

The services account needs permissions to scan and clean items, as required by the permissions model in use.

Note: For a default SharePoint installation, Site Collection Administrator rights over the required sites are usually required, including the SharePoint Central Administration web site if you need to scan this site.

Related information / See also

Sophos for Microsoft SharePoint startup guide Version 2
Sophos for Microsoft SharePoint startup guide Version 3

 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments