Friday, July 18, 2014

Certain folders may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint


Collapse imageINTRODUCTION

This article includes information about folders that may have to be excluded from antivirus scanning in the following SharePoint applications:
  • Microsoft SharePoint Foundation 2013
  • Microsoft SharePoint Server 2013
  • Microsoft SharePoint Foundation 2010
  • Microsoft SharePoint Server 2010
  • Windows SharePoint Services 3.0
  • Microsoft Office SharePoint Server 2007
These folders may have to be excluded from antivirus scanning when you use file-level antivirus software in SharePoint. If these folders are not excluded, you may see unexpected behavior. For example, you may receive "access denied" error messages when files are uploaded.
Back to the top | Give Feedback

Collapse imageMore information

Folders that may have to be excluded from antivirus scanning in SharePoint

Note In the following sections, the placeholder Drive represents the letter of the drive on which you have your SharePoint application installed. Typically, this drive letter is C.

SharePoint Foundation 2013

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions

    If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\Logs
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\15\Data\Applications

      Note The Applications folder must be excluded only if the computer is running the SharePoint Foundation Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
  • Drive:\Windows\Microsoft.NET\Framework64\v4.0.30319\Temporary ASP.NET Files
  • Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir

    Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
  • Drive:\ProgramData\Microsoft\SharePoint
  • Drive:\Users\account that the search service is running as\AppData\Local\Temp

    Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
  • Drive:\WINDOWS\System32\LogFiles
  • Drive:\Windows\Syswow64\LogFiles

    Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
    • Drive:\Users\ServiceAccount\AppData\Local\Temp
    • Drive:\Users\Default\AppData\Local\Temp

SharePoint Server 2013

You may have to configure the antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2013. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
  • Drive:\Program Files\Microsoft Office Servers\15.0\Data

    (This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
  • Drive:\Program Files\Microsoft Office Servers\15.0\Logs
  • Drive:\Program Files\Microsoft Office Servers\15.0\Bin
  • Drive:\Program Files\Microsoft Office Servers\15.0\Synchronization Service
  • Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache).
Note If you have SharePoint Server 2013, these folders should be excluded in addition to the folders that are listed in the "SharePoint Foundation 2013" section.

SharePoint Foundation 2010

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions

    If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Logs
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\14\Data\Applications

      Note The Applications folder must be excluded only if the computer is running the SharePoint Foundation Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
  • Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
  • Drive: \Users\ServiceAccount\AppData\Local\Temp\WebTempDir

    Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
  • Drive:\ProgramData\Microsoft\SharePoint
  • Drive:\Users\account that the search service is running as\AppData\Local\Temp

    Note The search account creates a folder in the Gthrsvc_spsearch4 Temp folder to which it periodically has to write.
  • Drive:\WINDOWS\system32\LogFiles
  • Drive:\Windows\Syswow64\LogFiles

    Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
    • Drive:\Users\ServiceAccount\AppData\Local\Temp
    • Drive:\Users\Default\AppData\Local\Temp

SharePoint Server 2010

You may have to configure your antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2010. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
  • Drive:\Program Files\Microsoft Office Servers\14.0\Data

    (This folder is used for the indexing process. If the Index files are configured to be located in a different folder, you also have to exclude that location.)
  • Drive:\Program Files\Microsoft Office Servers\14.0\Logs
  • Drive:\Program Files\Microsoft Office Servers\14.0\Bin
  • Drive:\Program Files\Microsoft Office Servers\14.0\Synchronization Service
  • Any location in which you decided to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache)

    For more information about the binary large object cache, go to the following Microsoft website:
    Disk-based BLOB caching
Note If you have SharePoint Server 2010, these folders should be excluded in addition to the folders that are listed in the "SharePoint Foundation 2010" section.

Windows SharePoint Services 3.0

You may have to configure your antivirus software to exclude the following folders and subfolders from antivirus scanning:
  • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions

    If you do not want to exclude the whole Web Server Extensions folder from antivirus scanning, you can exclude only the following two folders:
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Logs
    • Drive:\Program Files\Common Files\Microsoft Shared\Web Server Extensions\12\Data\Applications

      Note The Applications folder must be excluded only if the computer is running the Windows SharePoint Services Search service. If the folder that contains the index file is located elsewhere, you must also exclude that folder.
  • Drive:\Windows\Microsoft.NET\Framework\v2.0.50727\Temporary ASP.NET Files

    Note If you are running a 64-bit version of Windows, you should also include the following directory:
    • Drive:\Windows\Microsoft.NET\Framework64\v2.0.50727\Temporary ASP.NET Files
  • Windows Server 2003: Drive:\Documents and Settings\All Users\Application Data\Microsoft\SharePoint\Config
    Windows Server 2008 and later versions: Drive:\ProgramData\Microsoft\SharePoint\Config
  • Drive:\Windows\Temp\WebTempDir

    Note The WebTempDir folder is a replacement for the FrontPageTempDir folder.
  • Drive:\Documents and Settings\account that the search service is running as\Local Settings\Temp\
  • Drive:\Users\the account the search service is running as\Local\Temp\

    Note The search account creates a folder in the "gthrsvc Temp" folder to which it periodically has to write.
  • Drive:\WINDOWS\system32\LogFiles
  • Drive:\Windows\Syswow64\LogFiles

    Note If you use a specific account for SharePoint services or application pools identities, you may also have to exclude the following folders:
    • Drive:\Documents and Settings\ServiceAccount\Local Settings\Application Data
    • Drive:\Users\ServiceAccount\Local
    • Drive:\Documents and Settings\ServiceAccount\Local Settings\Temp
    • Drive:\Users\ServiceAccount\Local\Temp
  • Drive:\Documents and Settings\Default User\Local Settings\Temp
  • Drive:\Users\Default\AppData\Local\Temp

SharePoint Server 2007

You may have to configure your antivirus software to exclude the Drive:\Program Files\Microsoft Office Servers folder from antivirus scanning for SharePoint Server 2007. If you do not want to exclude the whole Microsoft Office Servers folder from antivirus scanning, you can exclude only the following folders:
  • Drive:\Program Files\Microsoft Office Servers\12.0\Data.

    (This folder is used for the indexing process. If the index files are configured to be located in a different folder, you also have to exclude that location.)
  • Drive:\Program Files\Microsoft Office Servers\12.0\Logs
  • Drive:\Program Files\Microsoft Office Servers\12.0\Bin
  • Any location in which you decide to store the disk-based binary large object (BLOB) cache (for example, C:\Blobcache)

    For more information about the binary large object cache, go to the following Microsoft website:
    Configure disk-based cache settings
Note If you have SharePoint Server 2007, these folders should be excluded in addition to the folders that are listed in the "Windows SharePoint Services 3.0" section.

Note When you install SharePoint Server 2007 or apply a hotfix to an existing installation of SharePoint Server 2007, you may have to disable the real-time option of the antivirus software. Or, you may have to exclude the Drive:\Windows\Temp folder from antivirus scanning if this is required.

For more information about error messages that may occur when antivirus software scans occur in SharePoint Portal Server 2001 and in SharePoint Portal Server 2003, click the following article number to view the article in the Microsoft Knowledge Base:
320111 Random errors may occur when antivirus software scans Microsoft Web Storage System in SharePoint Portal Server 2001 and in SharePoint Portal Server 2003
For more information, click the following article numbers to view the articles in the Microsoft Knowledge Base:
910449 Troubleshooting common permissions and security-related issues in ASP.NET
813833 PRB: "Access Denied" error messages when you do not put strong-named assemblies in the global assembly cache
Posted by at No comments:

Event 10016: DCOM permissions not set


Issue


The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {61738644-F196-11D0-9953-00C04FD919C1} to the user DOMAIN\svcspdev SID (S-1-5-21-3914637029-2275272621-3670275343-1145) from address LocalHost (Using LRPC). This security permission can be modified using the Component Services administrative tool.
 

Solution


To rectify this error, first you need to do this on the SharePoint server - Windows Server 2008 R2. You must first take ownership of the corresponding registry key and grant Administrators permissions to update the configuration. If you do not take the ownership and try to add the user, pop-up window will appear and will say “ACCESS IS DENIED”

To grant permission to the configuration of the IIS WAMREG Admin Service to be changed using the Component Services console:
  1. Click the Start menu, type regedit, and then click regedit.exe.  If prompted by User Account Control to allow the program to make changes to this computer, click Yes.
  2. In the Registry Editor window, search for the CLSID “61738644-F196-11D0-9953-00C04FD919C1″ to find HKEY_CLASSES_ROOT\AppID\{61738644-F196-11D0-9953-00C04FD919C1}.
  3. Right-click on the HKEY_CLASSES_ROOT\AppID\{61738644-F196-11D0-9953-00C04FD919C1} key and then click Permissions.
  4. In the Permissions for {61738644-F196-11D0-9953-00C04FD919C1} dialog box, click Advanced.
  5. In the Advanced Security Settings for {61738644-F196-11D0-9953-00C04FD919C1} dialog box:
  6. Click the Owner tab.
  7. In the Change owner to list, click the Administrators group.
  8. Click OK.
  9. In the Permissions for {61738644-F196-11D0-9953-00C04FD919C1} dialog box, click the Administrators group, then click the checkbox to allow the group Full Control, and click OK.
  10. Close the Registry Editor window.
Now you have granted the Administrators group sufficient permissions, now you need to change the IIS WAMREG Admin Service. If you don’t do the previous step and go directly to the component service, all the fields are disabled.

 
Next step is referred to in the Microsoft KB article KB920783 from Microsoft as follows:
  1. Click Start, click Run, type dcomcnfg in the Open box, and then click OK. 
  2. Expand Component Services, expand Computers, expand My Computer, and then click DCOM Config. 
  3. Right-click IIS WAMREG admin Service, and then click Properties. 
  4. Click the Security tab. 
  5. Under Launch and Activation Permissions, click Edit. 
  6. In the Launch Permission dialog box, click Add. 
  7. In the Select Users, Computers, or Groups dialog box, change the location to the local server. Then, type the local security group WSS_WPG, click Check Names, and then click OK. 
  8. In the Permissions for UserName list, click to select the Allow check box that is next to Local Activation, and then click OK two times.
Reference:

Posted by at No comments:
Subscribe to: Posts (Atom)