Required NTFS permissions for BizTalk File Adapter connecting to network share

When connecting to a network file share using BizTalk File adapter, you might've noticed that just specifying "Modify" rights is not sufficient. In simple configuration terms, you would need to have a minimum of "Full Control" or the BizTalk Host Service Account. Obviously this would not gel well with the system administrators.

Tom Canter (https://blogs.neudesic.com/blogs/enterprise_integration/archive/2007/02/22/4260.aspx) has put down the exact permissions that you would require for the FILE adapter that would help alleviate some of the concerns for the admins.

 

Overall, here is what it boils down to –

 

For the FILE Receive Adapter

• After you provide "Modify" rights, Click on "Advanced" button and on the Advanced Security Dialog, edit the permission entries for the BizTalk Service Account
• Here you will notice that the "Delete Sub Folders and Files" option is not given by default. This is exactly the missing link for the receive adapter.
• Simply set this property and you are good to go without "Full Control"

 

For the FILE Send Adapter

• If you are NOT USING the "use temporary file while writing" attribute on your send port, only the following permissions are required on the permissions entry dialog

  • Create Files / Write Data

     

• If you are using the "use temporary file while writing" attribute on your send port, the following permissions are required on the permissions entry dialog
  • Create Files / Write Data
  • Delete Files
  • Delete Sub Folders and Files
  • Read Permissions