How to: Assign Permissions to the Snapshot Folder

  • Article

In this topic, you will learn how to configure access to the snapshot folder by setting the share and NTFS file system permissions. You must correctly configure both share access and NTFS permissions so that the Microsoft SQL Server 2005 Compact Edition (SQL Server Compact Edition) Subscribers can access the published data.

To configure share permissions for the snapshot folder

  1. You must share and then assign the Read share permission to the snapshot folder. The account to which you assign the Read permission depends on the type of Microsoft Internet Information Services (IIS) authentication you have configured:

    • If IIS is configured to use Anonymous access, the SQL Server Compact Edition Replication Provider runs under the identity of the default IIS anonymous user account (the Internet Guest Account: IUSR_computername). If you configure another Windows user account as the IIS anonymous user account, the SQL Server Compact Edition Replication Provider runs under the identity of that account.
    • If IIS is configured to use Basic or Integrated Windows Authentication, the SQL Server Compact Edition Replication Provider runs under the identity of the Windows user account corresponding to the logon and password supplied by the Subscriber for the InternetLogin and InternetPassword properties of the SqlCeReplication object.

To configure NTFS permissions for the snapshot folder

  1. On the computer that is running Microsoft SQL Server, start Windows Explorer by double-clicking My Computer.

  2. Locate the snapshot folder, right-click the folder, and then click Properties.

  3. Click the Security tab. If the Security tab is not displayed, you are using a FAT file system and cannot assign NTFS permissions.

  4. Set the NTFS directory permissions, using the following list as a guide:

    • Assign Full Control permission to SQL Server Service and SQL Server Agent Service.
    • If you are using IIS Anonymous Authentication, assign Read permission to computername/IUSR_computername.
    • If you are using Basic or Integrated Windows Authentication, assign Read permission to the client user account, or to a group in which that account is a member.