Documentation Center

Content Delivery security settings file system permissions

This topic describes the required file system settings for Content Delivery.

Directory: %TRIDION_HOME%\bin
Access level:

Read and Execute access for the following users:

  • tcdcaching
  • tcddeployer

Reason:

Proper system functionality (instantiate tcdbroker objects, open folders)

Directory: %TRIDION_HOME%\config
Access level:

Read access for the following users:

  • tcdcaching
  • tcddeployer

Reason:

XML configuration files

Directory: all file system storage locations configured in the Storage Layer configuration
Access level:

Read, Write and Execute access for the following users:

  • tcddeployer

Reason:

Target to save metadata to when using file system as storage.

Directory: %TRIDION_HOME%\lib
Access level:

Read access for the following users:

  • tcdcaching
  • tcddeployer

Reason:

SDL Tridion JAR files

Directory: %TRIDION_HOME%\log
Access level:

Write access for the following users:

  • tcdcaching
  • tcddeployer

Also, in a Windows environment, write access for the user associated with the Default Application Pool.

Reason:

Logging purposes

Directory: HKLM\Software\JavaSoft\Java Runtime Environment
Access level:

Read access for the following users:

  • tcdcaching
  • tcddeployer

Reason:

Runtime check for Java environment

Directory: Java Runtime and SDK Environment
Access level:

Read and Execute access for the following users:

  • tcdcaching
  • tcddeployer
File: Java executable (/bin)
Access level:

Read and Execute access for the following users:

  • tcdcaching
  • tcddeployer
Directory: JRE / runtime libraries
Access level:

Read access for the following users:

  • tcdcaching
  • tcddeployer
Directory: Queue location
Access level:

Modify access for the user tcddeployer.

Directory: Logging directory
Access level:

Modify access for the user tcddeployer.

Directory: Input directory (incoming) for HTTP(S)
Access level:

Modify access for the user tcddeployer.