StoragePoint 6.3 - Reference Guide

Managing Storage and Backup Endpoints

Storage and Backup Endpoints represent the external locations for storing the BLOBs. The endpoint page is also where compression and encryption settings are stored. Each Storage Profile links to one or more storage endpoint(s). Profiles can only link to one Backup Endpoint.

Click the Storage and backup endpoints link on the Application Management page in SharePoint Central Administration.

Preparing the External BLOB Store(s)

There are only a few things here to consider:

BLOB Store Security and Metalogix StoragePoint Required Privileges

All application pool accounts and SharePoint services that touch content need access to two things:

1.StoragePoint DB (in roles db_reader, db_writer)

2.Blob Store (file-share permission create\read\write\delete)

By default the StoragePoint installer adds appropriate StoragePoint Database rights to all Application Pool identities that exist at that time.

Reminder: The same access rights are necessary for any SharePoint services which are configured with a specific identity like Office Web Applications or the Excel Calculations Service.

Example:

Consider the case where a new web-application is created in Central Administration to hold Sites for the HR department.

Creating the new web-application may optionally also create a new IIS application-pool using a new Identity.

For example, let's call this new identity "HR-SPAppPool."

The HR-SPAppPool account will need db_reader and db_writer in the StoragePoint database.

HR-SPAppPool will also need create\read\write\delete permission on the system cache location (if configured) and any endpoint file shares.

Ensure that the service accounts associated with the Windows SharePoint Services Web Application(s) and Windows SharePoint Services Timer service have the following access permissions: Read, Write, Modify, Delete (files and folders), and Create (files and folders). This assumes the FileSystem adapter is bieng used. Adapters that use REST-based interfaces typically pass a security token in the header of any request packets, so the service accounts associated with the SharePoint Web Applications or Timer service are not relevant.

1.Select Web application pool.

2.Select Windows SharePoint Services Web Application from the Web Service dropdown.

3.Select an application pool from the Application pool dropdown.

a.Note the service account associated with each application pool, as they can be different.

4.The configured service account will be displayed in the Predefined dropdown or the Configurable> User name box.

5.Click OK.

1.Select a Web Application Pool from the dropdown.

2.The configured service account will be displayed in the Select an account for this component box.

a.Note the service account associated with each application pool, as they can be different.

3.Click OK.

Determine the service account associated with the SharePoint Timer Service service by opening the Services manager under Administrative Tools on one of the WFE(s). Scroll down to the SharePoint Timer Service service entry and note the service account in the Log On As column.

Use UNC Paths to Refer to BLOB Store Locations

Since a request to upload a new document or retrieve an existing document can be handled by any of the web frontends in the farm, it is a best practice to use a UNC for the Path parameter on the FileSystem adapter. Using a physical location (i.e. E:\blobstore) will produce unpredictable results, as it cannot be assured that the WFE that wrote the BLOB is the same WFE that will retrieve the BLOB, so the BLOB store must be a shared storage location that is uniformly accessible by all WFEs.