Account Owning Read/Write Permission for the DSM Share

Section:

Distribution

Description:

Name of the user account used for the Distribution Service that is responsible for cascading distribution in a site. The following permissions must be set up for this account if the permissions of the user account which was used to configure this service do not allow the account to access directories on a different domain:

  • Read access to the distribution source (work directory of a depot)
  • Write access to the distribution target (work or install directory of a depot) - including the right to delete files

Configuration of the account on the Management Point Server where the Distribution Service is installed:
1) The account must be defined as local administrator
2) To execute actions on the computer where it is installed, the Distribution Service automatically uses the account which is configured for the service via the operating system.
Therefore, the configured account on this computer needs the same file system permissions as the account for the Distribution Service.
Local distribution activities occur when a Management Point is installed on a depot (usually when the Management Point has only a Distribution Service).

Use the following syntax for the operating system:

  • Windows Domain: <Domain>\>User account>
  • Windows Workgroup: <User name> (Please don’t enter the name of the workgroup)

Possible Values:

<Domain>\>User account>

<User account>[.<Region>].<ORG>

<User name>

Default value:

 

Set during/as:

Installation of the Distribution Service

Set on level:

Site

 

ORG

Passed on to:

Region, site, depot

Change (via):

ORG, region, site, depot

Reference (via):

ReplSettings.RwAccount

Reasons for change:

 

Notes/Warnings:

Avoiding a Dedicated Account:
If you are not using an individual account for the Distribution Service in an Active Directory environment, make sure that the computer account of the respective Management Point has the appropriate access permissions.

See also: Using Computer Accounts for Authentication

Usage of the SYSTEM Account:
To execute actions on the computer where it is installed (Management Point!), a service automatically uses the local SYSTEM account. Therefore, the SYSTEM account on this computer needs the same file system permissions as the account for the respective service.

Security note:
To ensure security of the repository data, other than the DSM administrators, only this account should have Write access to the depot share!