Installation and Configuration Security Recommendations

This section contains the list of recommendations for securing BizTalk Server during installation and configuration:

  • To install BizTalk Server through a network share, ensure you use discretionary access control lists (DACLs) so that all users have read-only access to the share.
  • The default BizTalk Server installation uses the inherited permissions of the Program Files directory, which grants all users read and execute permissions. If you install BizTalk Server in a different directory, make sure all users have read and execute permissions to this directory.

During installation and configuration, BizTalk uses the %temp% and %windir%\Installer directories. Ensure these folders have strong DACLs, so that only BizTalk Administrators have access to them.

The minimum security privileges and requirements for BizTalk Server appear in the BizTalk Server Installation Guide. For more information, see

See Also

Windows Group and User Accounts in BizTalk Server

Minimum Security User Rights

Security Recommendations for BizTalk Server Components

To download updated BizTalk Server 2004 Help from, go to

Copyright © 2004 Microsoft Corporation.
All rights reserved.