Documentation Center

Experience Optimization file system permissions on presentation side

Various file system locations require differing levels of system access for different user accounts.

Account

The following table summarizes the Experience Optimization subsystem and services user accounts. The names of the users in the User account column are suggestions; you are free to choose your own user account names.

User accountDescription
WebUsersThe user of your website, for example IUSR for anonymous users in IIS.
xouserExperience Optimization API user and web service API user
xodeployerExperience Optimization Deployer Extension user

File system permissions

The following table summarizes file system settings for Experience Optimization and running on the presentation side and the permissions required. It is assumed that the permissions are inherited in all subfolders and only overridden in a subfolder if it is specifically listed.

LocationAccess levelReason
C:\ (Windows only)All users require Read access.Proper system functionality (instantiate objects, open folders)
Website foldersRead and Execute access for WebUsers.Needed to access the pages on your website.
%TRIDION_HOME%\config or %WEBSITE%\configRead access for the following users:
  • xouser
  • xodeployer
Reading of configuration files.
%TRIDION_HOME%\lib or %WEBSITE%\libRead access for the following users:
  • xouser
  • xodeployer
Calling the Experience Optimization and Content Delivery APIs.
Log directory (configurable)Write access for the following users:
  • xouser
  • xodeployer
Log files are stored here (as configured in logback.xml).
Google Analytics Private Key directory

(The location of the P12 Key generated when you set up your Project)

Read access for WebUsers

(For Experience Optimization web service and website)

For the website to collect and store statistics associated with this project.

For the Experience Optimization web service to retrieve and display statistics in Targeting Dashboard.

Java executable (\bin)Read and Execute access for the following users:
  • xouser
  • xodeployer
Needed to run the Java code
JRE / runtime librariesRead access for the following users:
  • xouser
  • xodeployer
Needed to run the Java code