Permissions for SDx processes - HxGN SDx - Update 60 - Administration & Configuration

HxGN SDx Server Manager Help

Language
English
Product
HxGN SDx
Search by Category
Administration & Configuration
SmartPlant Foundation / SDx Version
10

Below are recommendations for setting permissions for SDx processes on the application server.

When a new site is created in Server Manager, the Create local operating system users for site application pools option is selected by default and creates local users on the operating system, sets them to run as the identity of the related application pool, and adds the local user to the Users group. If you prefer to perform this process manually, do not select this option and see Set up IIS Application Pools and User Accounts Manually for details on creating users and application pools manually. The permissions that need to be set manually are summarized below.

If you use Server Manager to set up permissions during site creation and you later move the location of any system folders, you must ensure the correct permissions are set for those folders in their new locations.

Oracle Client

Make sure the entire Oracle Client folder from the root drive has read/execute/list permissions propagated for the IIS users.

Directory

Permissions

Oracle Client installation directory
This folder, subfolders, and files

READ, EXECUTE, LIST

.NET Framework

Make sure all the .NET Framework directories from the root drive have read/execute/list permissions propagated for the IIS users.

Directory

Permissions

%SystemRoot%
This folder and files

READ, EXECUTE, LIST

%SystemRoot%\System32
This folder and files

READ, EXECUTE, LIST

%SystemRoot%\System32\Inetsrv
This folder, subfolders, and files

READ, EXECUTE, LIST

%SystemRoot%\Microsoft.NET
This folder, subfolders, and files

READ, EXECUTE, LIST

%SystemRoot%\Globalization
This folder, subfolders, and files

READ, WRITE, EXECUTE, LIST

File Access

  • Schema Shared Folder - Make sure the schema folder for each site has read permission for the SDx users.

  • Debug/Logs - Make sure all the debug log directories have read/execute/list/write permissions for SDx/IIS users if logging is being used.

  • SDx Program Files - Make sure all the SDx program directories have read/execute/list permissions for the SDx/IIS users.

Directory

Permissions

<drive>:\Program Files\Common Files\Intergraph
This folder, subfolder, and files

READ, EXECUTE, LIST

<drive>:\Program Files\[product folder]
This folder, subfolder, and files

READ, EXECUTE, LIST

File Service, File Upload and Submission Management

  • SDx Vaults - Make sure all the vault directories have read/execute/list/write permissions for the SDx/IIS users.

  • System Temp Directory - Make sure the system temp directory has read/execute/list/write permissions for the SDx/IIS users.

  • Web Client file upload and submission directories - Make sure that all file management directories are read/execute/list/write permissions for the SDx/IIS users.

Directory

Permissions

<drive>:\SDx Server Files
This folder, subfolder, and files

READ, WRITE, EXECUTE, LIST

%SystemRoot%\Temp
This folder, subfolders, and files

READ, WRITE, EXECUTE, LIST

Because permissions are propagated to all subfolders below these directories, if a subfolder is moved to another location, you may need to manually set up permissions for it in its new location.