Help Center
Choose product document...
Veeam Backup & Replication 9.5
Veeam Backup Explorers User Guide

Required Permissions

The following rules should be taken into consideration when configuring accounts and permissions to work with Veeam Explorer for Microsoft SharePoint:

  1. The user account that you specify for guest processing of the Microsoft SharePoint in the backup job should be a Farm Administrator for the corresponding SharePoint farm (see the corresponding section of the Veeam Backup & Replication User Guide for Hyper-V or for VMware).
  2. This account should also have the sysadmin fixed role assigned on the Microsoft SQL Server Server where the content database is stored. This is the recommended setting; however, if you need to provide minimal permissions, you can assign the following to this account:
  • SQL Server instance-level roles: dbcreator and public
  • Database-level roles: db_backupoperator, db_denydatareader, public; for system databases (master and msdb) - db_backupoperator, db_datareader, public
  • Securables: view any definition, view server state
  1. When configuring a staging SQL server, remember that current user account (under which Veeam Explorer runs) can be used to access Windows machine where staging SQL server runs only if  you have local staging server. If you plan to use a remote staging server, you will need to specify credentials for connection explicitly, providing user name and password - that is, even if you want to use the account currently logged on, you should select Use the following account option and supply credentials. See Performing Initial Configuration for more details.
  2. The account used for working with Veeam Explorer for Microsoft SharePoint requires membership in the sysadmin fixed server role on the staging Microsoft SQL Server.
  3. When planning for the account under which Veeam Explorer will connect to target SharePoint server, consider the following:
  • If you are using ADFS as authentication provider, consider that in case of Windows Authentication you can either use current account or specified account.
  • In case of Forms Authentication, only the specified account can be used (not current account), and you should enter the corresponding user name and password.
  1. The account used for connection with target SharePoint server where document item(s)/list will be restored needs the following:
  • If permissions of the item being restored are inherited from the parent item (list), Full Control for that list is required.
  • If permissions are not inherited, and restored item will replace an existing item, Contribute for the item and Full Control for its parent list are required.
  1. The account used for connection with target SharePoint server where a site will be restored needs Full Control for that site. If this user account does not have site administrator or system account rights, and this user selects Restore permissions option, consider that this user's permissions will be skipped (not restored).
Veeam Large Logo

User Guide for VMware vSphere

User Guide for Microsoft Hyper-V

Enterprise Manager User Guide

Veeam Cloud Connect Guide

Veeam Agent Management Guide

Veeam Backup Explorers User Guide

PowerShell Reference

RESTful API Reference

Veeam Backup FREE Edition User Guide

Veeam Backup for Microsoft Office 365

Veeam ONE Documentation

Veeam Agent for Windows Documentation

Veeam Agent for Linux Documentation

Veeam Management Pack Documentation