Cross WebApp approach to Config Store and My Sites

Jul 28, 2009 at 9:10 PM

Hi,

Installed the ConfigStore to WebApp / Site Collection "A portal" but then also want to use the same config store from a "My Site" WebApp which runs under a different service account.

In this scenario you get a database access exception with the My Site Service account being denied access to the Portal Content dB.

My thoughts where to install another instance of the Config Store in the "My Site" WebApp and just replicate the settings, however it would be simpler to do without the added maintenance overhead.

Just wondering what other people have tried in this scenario.

Cheers

Pete

Coordinator
Jul 29, 2009 at 9:22 AM

Hi Pete,

To share the Config Store across web apps, you would effectively need to grant enough permissions in the "A portal" web app content db (which holds the Config Store) for the identity of the *other* (My Site) web app's app pool identity. I think this would break down into:

  • Granting SQL permissions to allow this account to connect and read data
  • [I don't *think* any additional SharePoint permissions would need to be granted, but not to go through the process to be sure]
  • Ensuring the Config Store's AppSetting entries also exist (with the same settings) in the My Sites web.config

If you're running in a high security/least-privilege environment these permissions changes could be an issue - since the identity of the My Sites app pool would then have rights to read from the main content web app. Hence you will no longer be least-privilege.

But that's how you'd do it.

Cheers,

Chris.