SharePoint Permissions
This page describes how to assign certain permissions that are required to install, configure or execute K2 for SharePoint against SharePoint. See the topic Required Permissions - K2 for SharePoint for more information of the specific permissions required for each account.
Using a cmdlet to add a user to the SharePoint_Shell_Access role
To use Windows PowerShell 3.0 for SharePoint 2013, a user must be a member of the SharePoint_Shell_Access role on the configuration database and a member of the WSS_ADMIN_WPG local group on the computer where SharePoint 2013 is installed.
You can run the following cmdlet to add a user to the SharePoint_Shell_Access role
$contentDBId = (Get-SPDatabase | ?{$_.Name -eq "{ContentDatabaseName}")
Add-SPShellAdmin -UserName {DOMAIN\UserName} -database $contentDBId
The result of running this cmdlet is that the user specified with the {Domain\UserName} parameter will have the db_owner role access on the affected databases as described below. Therefore, you should carefully plan which users are given this access.
- Content_database (Usually, this database is called WSS_Portal and refers to the content database for the Portal Web application.)
- Public
- SharePoint_Shell_Access
- SPDataAccess
- SharePoint_AdminContent_[Guid]
- Public
- SharePoint_Shell_Access
- SPDataAccess
- SharePoint_Config
- Public
- SharePoint_Shell_Access
- SPDataAccess
When you run this cmdlet to add a user to the SharePoint_Shell_Access role, you must have membership in the securityadmin fixed server role on the SQL Server instance, membership in the db_owner fixed database role on all affected databases, and local administrative permission on the local computer.
This cmdlet is intended only to be used with a database that uses Windows authentication. There is no need to use this cmdlet for databases that use SQL authentication; in fact, doing so may result in an error message.