Versions Compared

Old Version 23

changes.mady.by.user Johannes Stark

Saved on

compared with

New Version Current

changes.mady.by.user Johannes Stark

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

The CxSAST is based on IIS Application Pools and CxServices. For each of these the local Network Service is defined as default by the CxSAST installer.

Info
titleKerberos
If Active Directory (SSO) is used then the SPNs for the application server IRLs must be added to the user that the applicartion pools run under in order for Kerberos to work correctly

Outline

It is important to differentiate between the components as not all of them are used for the same purpose.

IIS Application Pools

  • CxClientPool - Application Pool of the Web Portal - the user that is defined here will not influence any external tools.
  • CxPool - Application Pool of the CxManager - the user that is defined here is used for connection to a third party server, e.g. TFS, GIT, SVN, etc..
  • CxPoolRestAPI - Application Pool of the RestAPI - the user that is defined here will not influence any external tools.
Info

The user assigned to the IIS App Pools will must have access to the CxDB and CxActivity databases in the SQL Server, if 'Integrated Security=True' in - DBConnectionData.config file.

Services

Services for the CxManager - The user that is defined here (and to the CxPool) is used for the connection to the SQL server (if 'Integrated Security=True' in - DBConnectionData.config file):

...

Info

For resolving issues, it is recommended to keep all the CxServices defined with the same user.

Storage Folders

Ensure that the user accessing the Cx storage folders (CxSrc, CxReports, ExtSrc) has the appropriate read/write permissions.

Configuration

CxServices

 1. Ensure that the user running the CxServices has the appropriate authorization, i.e. has domain access, administration rights, etc.

...

 5. Select the Log On tab, enter the appropriate user credentials and click OK.

IIS (Application Pools)

 1. In the IIS Manager, navigate to Application Pools, and check the user Identity of each of the following:

  • CxClientPool
  • CxPool
  • CxPoolRestAPI 
Info

If any of the Cx Application Pools are anything other than the default Network Service, make sure you know the user account's full credentials.

...

 7. Enter the appropriate user credentials and click OK.

Cx Storage Folders

 1. Verify that the user accessing the Cx storage folders (CxSrc, CxReports, ExtSrc) has the appropriate read/write permissions.

...

 5. Click Apply to save the changes.

 3. Repeat this procedure for the remaining Cx storage folders.


...