Saturday, May 4, 2013

Permissions for Windows PowerShell - SPShellAdmin

In order to use Windows PowerShell for SharePoint 2010 Products, a user must be a member of the SharePoint_Shell_Access role on the configuration and content database. In addition to this, the user must also be a member of the WSS_ADMIN_WPGlocal group on the computer where SharePoint 2010 Products is installed.

To add a user as SharePoint_Shell_Access on the SharePoint database use the below powershell cmdlet :

Add-SPShellAdmin

Please Note that to run the above cmdlet you must have
* Membership in the securityadmin fixed server role on the SQL Server instance
* Membership in the db_owner fixed database role on all affected databases
* and local administrative permission on the local computer.

In addition to above some important things to Note:

* The user gets added to the WSS_Admin_WPG group on all Web servers when the user is added to the SharePoint_Shell_Access role.

* If the target database does not have a SharePoint_Shell_Access role, the role is automatically created.

* If you use the database parameter, the user is added to the role on the farm configuration database, the Central Administration content database, and the specified database. Using the database parameter is the preferred method because most of the administrative operations require access to the Central Administration content database. The cmdlet is something like below :

Add-SPShellAdmin -UserName Domainname\User -database {Database GUID}

No comments:

Post a Comment