Folder and File Permissions (Master Data Services)
When you install Master Data Services, folders and files are installed in the file system at the installation path you specify. By default, the installation path is drive:\Program Files\Microsoft SQL Server\Master Data Services. You can change the location, but be aware of permissions that are inherited from the parent folder and permissions that are explicitly set.
Inherited Permissions
The Microsoft SQL Server folder, the Master Data Services folder, and most subfolders and files inherit permissions from the parent folder specified in Setup. If you choose the default installation location, the parent folder that permissions are inherited from is drive:\Program Files. The following table describes the default permissions for Program Files.
Note
If you modify default permissions for Program Files, or you choose a different installation location, the Master Data Services folders and files inherit permissions from their parent folder accordingly, and the permissions might differ from those described in the following table.
Program Files Default Permissions
Group or account name |
Permissions |
|---|---|
CREATOR OWNER |
Special permissions |
SYSTEM |
Full control, Modify, Read & execute, List folder contents, Read, Write |
Administrators |
Full control, Modify, Read & execute, List folder contents, Read, Write |
Users |
Read & execute, List folder contents, Read |
TrustedInstaller |
List folder contents, Special permissions |
Explicit Permissions
The MDSTempDir folder and the Master Data Services Web.config file (in the WebApplication folder) do not inherit permissions. They have permissions that are set explicitly when you install Master Data Services, regardless of the installation path you choose. Do not modify these permissions.
MDSTempDir Permissions
Group or account name |
Permissions |
|---|---|
SYSTEM |
Modify, Read & execute, List folder contents, Read, Write |
Administrators |
Modify, Read & execute, List folder contents, Read, Write |
MDS_ServiceAccounts |
Modify, Read & execute, List folder contents, Read, Write |
Web.config Permissions
Group or account name |
Permissions |
|---|---|
SYSTEM |
Full control, Modify, Read & execute, Read, Write |
Administrators |
Full control, Modify, Read & execute, Read, Write |
MDS_ServiceAccounts |
Read & execute, Read |
For more information about the contents of the Master Data Services Web.config file, see Web Configuration Reference (Master Data Services).