FSSP
Contents |
Forefront Permissions
The account used for Forefront must have the following permissions (according to TechNet):
- SharePoint: Local Administrator and Farm Admin
- SQL: Sysadmin
However, the following should work (from this TechNet Forum): From a SharePoint perspective, the account used for SQL connection must have the following:
- SecurityAdmin
- DBCreator
- All application pool identities must be at least Power Users on Web Front-End machines.
Note: From a Forefront perspective, however, the admin account is required. If you use an account with lesser privileges, the manual scan will fail. Basically, if you don't really care about running a Manual scan, then this may not be an issue for you.
Anti-Virus Exclusions
Applies to all AV programs, not just Forefront
SQL Server AV Exclusions
SharePoint Server AV Exclusions
- More Microsoft software AV exclusions here: TechNet Wiki
Basically go to the drive you installed SharePoint 2010 on and exclude the following:
Folders that need to be excluded from antivirus scanning for Microsoft SharePoint Foundation 2010
- C:\Program Files\Common Files\Microsoft Shared\Web Server Extension
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
- C:\ Drive\Users\SVC-SPP-Search\AppData\Local\Temp\WebTempDir
- C:\Drive\Users\SVC-SPP-Search\AppData\Local\Temp
- C:\Drive:\Windows\Syswow64\LogFiles
- C:\Users\SVC-SPP-AppPool\AppData\Local\Temp
- C:\Users\SVC-SPP-Apps\AppData\Local\Temp
- C:\Users\SVC-SPP-Farm\AppData\Local\Temp
- C:\Users\SVC-SPP-Search\AppData\Local\Temp
- C:\Users\SVC-SPP-SearchPool\AppData\Local\Temp
- C:\Users\Default\AppData\Local\Temp
Folders that need to be excluded from antivirus scanning for SharePoint Server 2010
- C:\Program Files\Microsoft Office Servers\14.0\Data
- C:\Program Files\Microsoft Office Servers\14.0\Logs
- C:\Program Files\Microsoft Office Servers\14.0\Bin
