Set Up the AgilePoint Service Account
An AgilePoint solution is comprised of a number of software components that all must communicate with one another. This topic shows the systems and permissions that are required for various AgilePoint administrator accounts.
Good to Know
- During installation, you must use the same AgilePoint Service account credentials for all AgilePoint systems. However, for security purposes, AgilePoint recommends you change separate these account credentials after installation.
For more information, refer to:
AgilePoint Service Account Permissions
System | Permissions | Notes |
---|---|---|
AgilePoint Server Machines |
|
|
Database |
|
During installation, AgilePoint requires db_owner privileges in SQL Server to create the tables required on the database. For security purposes, after finishing the AgilePoint Server configuration, you can remove the AgilePoint Server service account from the db_owner role in order to disallow the Create table privilege. Instead you can add this user to the db_datareader and db_datawriter role memberships. Please note that when updating the database schema in the future (e.g. for an upgrade), you will need to add this account back to the db_owner role in order for the database schema to be updated It is recommended to configure permissions for the SQL database account for AgilePoint, which grants INSERT, UPDATE, DELETE and SELECT, … by schema (namespace), ONLY on AgilePoint tables at the database level, instead of using the generic dbo schema to restrict access. |
SharePoint |
|
|
Data Services Machine |
|
|