What are the Minimum Permissions for AgilePoint Server?

AgilePoint recommends the following security settings for the AgilePoint Service Account on the AgilePoint Server machine. These are the only permissions supported by AgilePoint out of the box:

SystemPermissionsNotes

AgilePoint Server Machines

  • Local administrator
  • ServiceLogon
  • Member of the following groups:
    • Administrator
    • Performance Monitor Users
    • IIS_IUSRS
  • This user account will also be used to initially sign in to AgilePoint NX.
  • If you are installing AgilePoint Server on a Domain Controller, this cannot be a local administrator account.

If you are not able to provide these full permissions due to your company's IT policies, the following guidance applies:

SystemPermissionsNotes

AgilePoint Server Component

  • Full control of AgilePoint installation folder.
  • Full control of the Windows tmp folder.
  • Full control of the system event log for the AgilePoint log entry.
  • Read and write access for the folder c:\Application files\Common\Ascentn
  • Read and write access to the Windows Registry.
  • Read and write access to the performance counter for % CPU utilization.
  • Permission to open all applicable ports as a listener.

    For more information, refer to Reserve Port Numbers for AgilePoint NX Components.

  • Outgoing access to your SMTP port.
  • Outgoing access to your Active Directory port.

Additional components, for example AgileConnectors

  • Depends upon the component.

Permissions required vary widely, depending upon the component. For specific information, contact AgilePoint Professional Services.