Database permissions (Office SharePoint Server)

Applies To: Office SharePoint Server 2007

This Office product will reach end of support on October 10, 2017. To stay supported, you will need to upgrade. For more information, see , Resources to help you upgrade your Office 2007 servers and clients.

 

Topic Last Modified: 2016-11-14

In this article:

  • Office SharePoint Server 2007 deployed in a stand-alone environment

  • Office SharePoint Server 2007 deployed in a server farm environment

This article describes the databases that are created, the logins (domain or local accounts) that are granted permissions to Microsoft SQL Server 2005 and databases, and the server and database roles to which you add the logins.

Office SharePoint Server 2007 deployed in a stand-alone environment

When you deploy Microsoft Office SharePoint Server 2007 on a single server by using the default settings, the Setup program automatically installs Microsoft SQL Server 2005 Express Edition and uses it to create the configuration database and content database for the SharePoint sites. In addition, the Setup program creates a Shared Services Provider (SSP), installs the SharePoint Central Administration Web site, and creates the first SharePoint site collection and site.

Fixed server roles are server-wide in their scope. The following table describes the accounts (for Office SharePoint Server 2007 in a stand-alone environment) that are added to fixed server roles, and describes each fixed server role.

Fixed server role Account Role descriptions

dbcreator

NT AUTHORITY\NETWORK SERVICE

Members of the dbcreator fixed server role can create databases, and can alter and restore their own databases.

securityadmin

NT AUTHORITY\NETWORK SERVICE

Members of the securityadmin fixed server role can manage logins and their properties at the server and database levels.

sysadmin

BUILTIN\Administrators

Members of the sysadmin fixed server role can perform any activity on the server.

NT AUTHORITY\SYSTEM

Database created after installation

Database roles are defined at the database level and exist in each database. The following table lists the databases that are created and the accounts that are assigned to specific database roles when you install Office SharePoint Server 2007 on a stand-alone server. For more information about fixed database roles, see Database-Level Roles (https://go.microsoft.com/fwlink/?LinkId=121800).

Database Database role Account

SharePoint_AdminContent_GUID

WSS_Content_Application_Pools

NT AUTHORITY\SYSTEM

NT AUTHORITY\NETWORK SERVICE

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

SharePoint_Config

db_owner fixed database role

BUILTIN\Administrators

NT AUTHORITY\NETWORK SERVICE

WSS_Content_Application_Pools

NT AUTHORITY\NETWORK SERVICE

NT AUTHORITY\SYSTEM

SharedServicesN_DB

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

NT AUTHORITY\LOCAL SERVICE

SharedServicesN_Search_DB

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

NT AUTHORITY\LOCAL SERVICE

SharedServicesContent

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

WSS_Content

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

WSS_Search_ComputerName

db_owner fixed database role

NT AUTHORITY\NETWORK SERVICE

NT AUTHORITY\LOCAL SERVICE

Office SharePoint Server 2007 deployed in a server farm environment

When you install Office SharePoint Server 2007, you must check to make sure that the database server is running Microsoft SQL Server 2005 or Microsoft SQL Server 2000 with the most recent service pack. You do not need to set up or create specific databases for Office SharePoint Server 2007. The Office SharePoint Server 2007 Setup program will create the necessary databases when you install and configure Office SharePoint Server 2007.

A large server farm typically consists of two or more clustered database servers, several load-balanced front-end Web servers running Office SharePoint Server 2007, and two or more application servers running Office SharePoint Server 2007. In this configuration, the application servers provide specific services, such as indexing or Excel Calculation Services, and the front-end servers provide Web content.

Fixed server roles are server-wide in their scope. The following table describes the accounts (for Office SharePoint Server 2007 in a server farm environment) that are added to fixed server roles and describes each fixed server role.

Fixed server role Account Role description

sysadmin

NT AUTHORITY\SYSTEM

Members of the sysadmin fixed server role can perform any activity on the server.

BUILTIN\Administrators

dbcreator

Installing user

Members of the dbcreator fixed server role can create databases, and can alter and restore their own databases.

securityadmin

Installing user

Members of the securityadmin fixed server role can manage logins and their properties at the server and database levels.

Database created after installation

Database roles are defined at the database level and exist in each database. The following table lists the databases that are created and the accounts that are assigned to specific database roles when you install Office SharePoint Server 2007. For more information about fixed database roles, see Database-Level Roles (https://go.microsoft.com/fwlink/?LinkId=121800).

Database Database role Account

SharePoint_AdminContent_GUID

WSS_Content_Application_Pools

NT AUTHORITY\SYSTEM

SharePoint_Config

db_owner fixed database role

BUILTIN\Administrators

Database created after creating a Web application

The following table lists the database that is created and the account that is assigned to specific database roles when you create the Web application after installing Office SharePoint Server 2007.

Database Database role Account

WSS_Content

db_owner fixed database role

Installing user

Database created after starting the search service

The following table lists the database that is created and the account that is assigned to specific database roles when you start the search service after installing Office SharePoint Server 2007.

Database Database role Account

WSS_Search_ComputerName_SearchDatabase

db_owner fixed database role

Installing user

Database created after creating an SSP

The following table lists the databases that are created and the accounts that are assigned to specific database roles when you create a Shared Services Provider (SSP) after installing Office SharePoint Server 2007.

Database Database role Account

SharedServicesN_DB

db_owner fixed database role

Installing user

SharedServicesN_Search_DB

db_owner fixed database role

Installing user

See Also

Concepts

Security and permissions reference (Office SharePoint Server)
List of rights (Office SharePoint Server)
User permissions and permission levels (Office SharePoint Server)
Account permissions and security settings (Office SharePoint Server)
Files and permissions for Office SharePoint Server 2007
Special directories and storage locations (Office SharePoint Server)
Installation directory included in Office SharePoint Server 2007 that is not included in Windows SharePoint Services 3.0
Default authentication settings (Office SharePoint Server)
Authentication clients (Office SharePoint Server)