Content Manager subsystems, services and accounts
Configuring security for the Content Manager and its subsystems depends on where the different parts of the system are running:
Content Manager subsystems
The Content Manager subsystems consist of COM+ Applications, Microsoft Windows services and the Content Manager database. Configuring security for the Content Manager and its subsystems depends on where the different parts of the system are running.
The following diagram shows the Content Manager subsystems:
COM+ applications
The COM+ application component of Content Manager uses the account tcmsystem with the default identity of MTSUser.
Windows user accounts
Content Manager uses a number of Windows user accounts to communicate with the Content Manager server, summarized in the following table.
| User account | Description | Service name | Default identity |
|---|---|---|---|
tcmsystem | Content Manager system account (COM+ applications) | Tridion Sites Content Manager | MTSUser |
tcmpublisher | Service account for the Publishing Windows service. This account must be a system administrator-level access in Content Manager. | Tridion Sites Content Manager Publisher | Local System |
tcmtransport | Service account for the Transport Windows service | Tridion Sites Content Manager Transport Service | Local System |
tcmsearchindexer | Service account for the Search Indexer Windows service This account must be a system administrator-level access in Content Manager. | Tridion Sites Content Manager Search Indexer | Local System |
tcmsearchhost | Service account for the Search Host Windows service | Tridion Sites Content Manager Search Host | Local System |
tcmworkflow | Service account for the Workflow Windows service This account must be a system administrator-level access in Content Manager. | Tridion Sites Content Manager Workflow Agent | Local System |
tcmcoreservice | Service account for the Core Service Windows service | Tridion Sites Content Manager Service Host | Network Service |
Database user account
The Content Manager database uses the tcmdbuser account, which has a database identity of TCMDBUser.