Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Info
titleKerberos
If Active Directory (SSO) is used then the SPNs for the application server IRLs must be added to the user that the applicartion pools run under in order for Kerberos to work correctly

Outline

It is important to differentiate between the components as not all of them are used for the same purpose.

IIS Application Pools

  • CxClientPool - Application Pool of the Web Portal - the user that is defined here will not influence any external tools.
  • CxPool - Application Pool of the CxManager - the user that is defined here is used for connection to a third party server, e.g. TFS, GIT, SVN, etc..
  • CxPoolRestAPI - Application Pool of the RestAPI - the user that is defined here will not influence any external tools.
Info

The user assigned to the IIS App Pools will must have access to the CxDB and CxActivity databases in the SQL Server, if 'Integrated Security=True' in - DBConnectionData.config file.

Services

Services for the CxManager - The user that is defined here (and to the CxPool) is used for the connection to the SQL server (if 'Integrated Security=True' in - DBConnectionData.config file):

...

Info

For resolving issues, it is recommended to keep all the CxServices defined with the same user.

Storage Folders

Ensure that the user accessing the Cx storage folders (CxSrc, CxReports, ExtSrc) has the appropriate read/write permissions.

Configuration

CxServices

 1. Ensure that the user running the CxServices has the appropriate authorization, i.e. has domain access, administration rights, etc.

...

 5. Select the Log On tab, enter the appropriate user credentials and click OK.

IIS (Application Pools)

 1. In the IIS Manager, navigate to Application Pools, and check the user Identity of each of the following:

...

 7. Enter the appropriate user credentials and click OK.

Cx Storage Folders

 1. Verify that the user accessing the Cx storage folders (CxSrc, CxReports, ExtSrc) has the appropriate read/write permissions.

...