Documentation Center

Content Manager subsystems, services and accounts

Configuring security for the Content Manager and its subsystems depends on where the different parts of the system are running:

Content Manager subsystems

The Content Manager subsystems consist of COM+ Applications, Microsoft Windows services and the Content Manager database. Configuring security for the Content Manager and its subsystems depends on where the different parts of the system are running.

The following diagram shows the Content Manager subsystems:

COM+ applications

The COM+ application component of Content Manager uses the account tcmsystem with the default identity of MTSUser.

Windows user accounts

Content Manager uses a number of Windows user accounts to communicate with the Content Manager server, summarized in the following table.

User accountDescriptionService nameDefault identity
tcmsystemContent Manager system account (COM+ applications)Tridion Sites Content ManagerMTSUser
tcmpublisherService account for the Publishing Windows service.

This account must be a system administrator-level access in Content Manager.

Tridion Sites Content Manager PublisherLocal System
tcmtransportService account for the Transport Windows serviceTridion Sites Content Manager Transport ServiceLocal System
tcmsearchindexerService account for the Search Indexer Windows service

This account must be a system administrator-level access in Content Manager.

Tridion Sites Content Manager Search IndexerLocal System
tcmsearchhostService account for the Search Host Windows serviceTridion Sites Content Manager Search HostLocal System
tcmworkflowService account for the Workflow Windows service

This account must be a system administrator-level access in Content Manager.

Tridion Sites Content Manager Workflow AgentLocal System
tcmcoreserviceService account for the Core Service Windows serviceTridion Sites Content Manager Service HostNetwork Service

Database user account

The Content Manager database uses the tcmdbuser account, which has a database identity of TCMDBUser.