I'm sure that over time you've run into the dreaded "File transport does not have read/write privileges for receive location "C:\Flatfile\SAPTestIn\".".
Usually you simply go to the folder and either give the BizTalk account full permission (bad) or Everyone full permission (really bad).
So for a production environment, what is the absolute minimum permissions required?
For the Receive File Adapter the explicit permission are:
| NTFS Attribute | Property Name |
| DELETE | Delete Files |
| FILE_READ_DATA | List Folder / Read Data |
| FILE_WRITE_DATA | Create Files / Write Data |
| FILE_APPEND_DATA | Create Folders / Append Data |
| FILE_READ_EA | Read Extended Attributes |
| FILE_WRITE_EA | Write Extended Attributes |
| FILE_DELETE_CHILD | Delete Subfolders and Files |
| FILE_READ_ATTRIBUTES | Read Permissions |
| FILE_WRITE_ATTRIBUTES | Write Attributes |
How does this translate into what to do in the System?
Right clicking on the folder and in the security tab,
setting "Modify" is not enough, though you would think so:
Strangely enough the Delete Subfolders and Files attribute is not set when the Modify property is set, you need to add the
FILE_DELETE_CHILD "Delete Subfolders and Files" Attribute:
Once you have added the Delete Subfolders and Files check box you will have the minimum permissions for the file receive adapter:
For the Send Adapter
The permission for the File Send adapter depends on what properties you have set in the Adapter Advance properties:
If you have the "Use temporary file while writing" flag un-checked then all you need are:
| NTFS Attribute | Property Name |
| FILE_WRITE_DATA | Create Files / Write Data |
If you have the "Use temporary file while writing" flag checked then the flags you need are:
| NTFS Attribute | Property Name |
| DELETE | Delete Files |
| FILE_WRITE_DATA | Create Files / Write Data |
| FILE_DELETE_CHILD | Delete Subfolders and Files |
| FILE_READ_ATTRIBUTES | Read Permissions |
