Export (0) Print
Expand All

Configuring permissions for backup and recovery (SharePoint Server 2010)

 

Applies to: SharePoint Server 2010, SharePoint Foundation 2010

Topic Last Modified: 2011-11-11

Before backing up or restoring Microsoft SharePoint Server 2010, you must ensure that the timer service account, SQL Server service account, and users running the backup or restore operations have the correct permissions or are members of the correct Windows security groups or SharePoint groups. These permissions and group memberships must be configured initially. Subsequently, they must be updated when new farm components are added to the environment and if you want to add users who will perform backup and restore operations.

In this topic:

The Windows SharePoint Services Timer V4 (SPTimerV4) and the SQL Server service account in SharePoint Server 2010 perform backup and restore operations on behalf of the user. These service accounts require Full Control permissions on any backup folders.

You must ensure that all user accounts that will be backing up or restoring your farm and farm components by using Central Administration have the group memberships that are described in the following table.

Required group memberships

Farm component Member of Administrators group on the local computer Member of Farm Administrators SharePoint group

Farm

Yes

No

Service Application

Yes

No

Content Database

Yes

No

Site Collection

No

Yes

Site, list, document library

No

Yes

You must ensure that all user accounts that will be backing up or restoring your farm and farm components by using Windows PowerShell are added to the SharePoint_Shell_Access role for a specified database and have the permissions described in the table later in this section.

You can run the Add-SPShellAdmin cmdlet to add a user account to this role. You must run the command for each user account. Moreover, you must run the command for all databases to which you want to grant access.

noteNote
You only need to grant a user account access to back up and restore a specific farm component one time. You will have to perform this task again only when new farm components are added to your environment or when you want to add users to perform backup and restore operations.
To add a user to or remove a user from the SharePoint_Shell_Access role by using Windows PowerShell
  1. Verify that you meet the following minimum requirements: See Add-SPShellAdmin.

  2. On the Start menu, click All Programs.

  3. Click Microsoft SharePoint 2010 Products.

  4. Click SharePoint 2010 Management Shell.

  5. At the Windows PowerShell command prompt (that is, PS C:\>), type the following command, and then press ENTER:

    Add-SPShellAdmin -Username <User account> -Database <Database ID>

    To add a user account to all the databases in the farm, type the following command, and then press ENTER:

    ForEach ($db in Get-SPDatabase) {Add-SPShellAdmin -Username <User account> -Database $db}

    To remove a user account from all the databases in the farm, type the following command, and then press ENTER:

    ForEach ($db in Get-SPDatabase) {Remove-SPShellAdmin -Username <User account> -Database $db}

    To view the user accounts currently added to the databases in the farm, type the following command, and then press ENTER:

    ForEach ($db in Get-SPDatabase) {Get-SPShellAdmin -Database $db}

For more information, see Add-SPShellAdmin.

You might also have to grant additional permissions to the users running the backup or restore operation by using Windows PowerShell. The following table shows the permissions that are required.

Required permissions for Windows PowerShell

Farm component Member of Administrators group on the local computer Member of Farm Administrators SharePoint group Full Control on backup folder

Farm

Yes

No

Yes

Service application

Yes

No

Yes

Content database

Yes

No

Yes

Site collection

No

Yes

Yes

Site, list, document library

Yes

No

Yes

Was this page helpful?
(1500 characters remaining)
Thank you for your feedback
Show:
© 2014 Microsoft