Office web apps does not have access to content database

Question

I have issues with Office Web apps. After some logging search I found it's because of the service account of owa service application does not have access to the content DB.

I've read somewhere that the service account has to be member of db_owner role on the content databases, which is not the case for me.

The documentation states :

After you run the configuration wizards, SQL Server and database permissions include:

• Dbcreator fixed server role.

• Securityadmin fixed server role.

• db_owner for all SharePoint Server 2010 databases.

• Membership in the WSS_CONTENT_APPLICATION_POOLS role for the SharePoint Server 2010 server farm configuration database.

• Membership in the WSS_CONTENT_APPLICATION_POOLS role for the SharePoint Server 2010 SharePoint_Admin content database.

The WSS_CONTENT_APPLICATION_POOLS seems to be created only for some database, not for front apps content databases.

I have created a dedicated application pool, with a dedicated managed account. What is the correct way to grant access to all content DB for this user ?

Have I to manually set up the permissions in all content DB ?

Answer 1

The easiest way I have found is to use the [SPWebApplication.GrantAccessToProcessIdentity][1] method. It grants the specified user account access to the process identity and provides full control of the SharePoint Web Application. Office Web Apps can use this to access the content databases as the SharePoint Web Application's process identity, which already has access to the content databases.

You can do this with the following PowerShell:

$webApp = Get-SPWebApplication http://my.webapplication.com
$webApp.GrantAccessToProcessIdentity("domain\username")

[1]: http://msdn.microsoft.com/en-us/library/ms478270.aspx - notice that unfortunately, the description of this method on MSDN is incorrect.