Showing posts with label The super reader account utilized by the cache does not have sufficient permissions to SharePoint databases. Show all posts
Showing posts with label The super reader account utilized by the cache does not have sufficient permissions to SharePoint databases. Show all posts

21 February, 2013

The super reader account utilized by the cache does not have sufficient permissions to SharePoint databases



Let me brief some details as what exactly happened in reference to following error message:
Object Cache: The super reader account utilized by the cache does not have sufficient permissions to SharePoint databases.

We have moved one web application from Development to staging environment. Movement was successful and we started facing the above mentioned error while browsing the web application.

After viewing the error message, thought process started to resolve around permissions.
Okay, but which permissions, account, sections where we need to specify and so many things…

Opened central administration—manage web applications—click on the specific web application to check the permissions –three accounts were listed there: nt authority, two more accounts and all are in Read Only mode.

Checked the IIS settings for that web application and cross checked the same account listed or not (which we have seen in the CA-user policy for that application)
Checked the account permissions in reference to SQL Databases and its perfectly fine (already listed in the users and roles in SQL)

As per Microsoft recommendations, there should be a Portal Super User account that must be an account with Full Control access to the Web application and The Portal Super Reader account that must be an account with Full Read access to the Web application.


While doing some research, I came across with an excellent article, written by Andras Gaal
 
The above article resolves my issue and works perfectly fine for us.

I would like to put some stress on one point from the same article:
 If you are in claims mode, you will need to use the claims user name(i:0#.w|domain\user).

Make sure you make a note it as it will creates new exceptions…

Thank you.