Customers have often asked us to do a better job documenting the permission required for operation various Notes Migrator for SharePoint components.  With version 5.3, we documented this in a little more detail than previously…

The person installing our tool needs:

• Administrator access on front-end server
• dbcreator server role in SQL Server instance (if creating a Link Tracking database)

The person running our tool needs:

• Access to SharePoint targets sufficient to perform desired migration tasks (provisioning sites, adding users, provisioning lists, updating list schema, writing records)
• Full control access on Shared Files folder (if configured)
• Notes ID that can access Domino servers and read content from source databases

NMSP Import Service account (application Pool identity in IIS) needs:

• Access on front-end server where Import Service is running
• Administrator access
• Member of WSS_WPG group
• Member of IIS_WPG (Windows 2003 only)
• Full control access on Shared Files folder (if configured)
• SharePoint access
• Member of the Farm Administrator’s group
• Site Administrator on site collections being migrated to
• Database access
• db_owner role in the SharePoint Content Databases being migrated to
• db_owner role in the Link Tracking database (if configured)

Existing SharePoint service accounts (application pool identities for Central Administration and content web apps) need:

• db_owner role in the Link Tracking database (if configured)
• Full control access on Shared Files folder (if configured)

The above guidelines is actually a somewhat simplified set of recommendations.  For the occasional customer who is trying to setup a “least privilege” environment and needs to know exactly what is going on, we have created a spreadsheet that goes into more detail.  You can download the file here: [NMSP 53 Permissions.xlsx]