As ArcGIS Server does its work, it needs to start and stop processes, read and write data to locations on the file system, and communicate between machines. To do these things securely, it uses an operating system account that you specify when you install ArcGIS Server. This is known throughout the documentation as the ArcGIS Server account.
When is the ArcGIS Server account used?
The ArcGIS Server account is used for the following purposes:
- Start and stop processes that support ArcGIS Server and services.
- Read the GIS data behind your services.
- Read and write files to the ArcGIS Server directories; for example, when you create a map cache, the ArcGIS Server account writes the cache tiles into your server cache directory.
- Read and write files to the configuration store; for example, when you create a new cluster in Manager, the ArcGIS Server account writes the cluster configuration information to files in the configuration store.
- Read and write files to the ArcGIS Server installation location and system temp directory; for example, the account writes log files that you can use to troubleshoot the server.
- Read and write log messages to the logs directory.
Which account is my ArcGIS Server account?
The ArcGIS Server account is the one you used when you installed the software. The installation makes this account the owner of all files that it places on the system. In a site with multiple ArcGIS Server machines, the user ID (UID) for the ArcGIS Server account should be the same across all machines so that they can access data, the configuration store, and the server directories using the same NFS permissions.
For security reasons, the root account cannot be used as the ArcGIS Server account and cannot be used to install the software.
What permissions do I need to grant to the ArcGIS Server account?
The ArcGIS Server account requires no special permissions on the operating system other than file access to the data, configuration store, and server directories. The ArcGIS Server account does not need to be an administrator on the machine.