Make sure the accounts you are going to use meet the following requirements:
- The user account you specify for guest processing of Microsoft SharePoint in a backup job must be a member of the Farm Administrator group for the corresponding SharePoint farm.
This account must also have the sysadmin fixed role assigned on the Microsoft SQL server with the content database.
To provide minimum permissions, assign the following roles:
- SQL Server instance-level roles: dbcreator and public.
- Database-level roles: db_backupoperator, db_denydatareader, public; for system databases (master and msdb) - db_backupoperator, db_datareader, public.
- Securables: view any definition, view server state.
- When configuring a staging SQL server, the current account can only be used to access the local staging server. If you plan to use a remote staging server, you will need to explicitly specify appropriate credentials.
- The account requires membership in the sysadmin fixed server role on a staging Microsoft SQL server.
- When using ADFS as the authentication provider, consider that in case of Windows Authentication you can use your current account or specify another one, whereas in case of Forms Authentication, only the latter option will be available.
- The account that is used to connect to the target SharePoint server requires the following:
- If permissions of the item being restored are inherited from the parent item (list), Full Control for that list is required.
- If permissions are not inherited and the item being restored replaces an existing item, Contribute for the item and Full Control for its parent list are required.
- The account that is used to connect to the target SharePoint server requires Full Control. If a user selects the Restore permissions option without having the Site Administrator or System Account roles, users permissions will not be restored.