User accounts with rights are required to make changes to the file system and Active Directory. migRaven.24 / 7 will query these as required input during installation,
as well as manually created service after the start of the software.
For the services, the rights can be divided accordingly:
- Windows account with local admin rights to run the config client
(there migRavenClient will always automatically with the logged in Windows user account
executed. This should have local administrator rights)
- migRavenDBServiceHost Account: Domain account with local admin rights
- migRavenADScanServiceHost Account: Domain account with read and write permissions over the entire domain.
This migRaven Service reads the user accounts from the domain at regular intervals and stores this information in the domain migRaven-Database. If permissions over migRaven managed, then generated migRaven Groups in AD and add other groups and user accounts as members to these groups.
- migRavenResource Scan Service Host Account: User account with full access permissions to the relevant shares.
The service creates symlinks, sets permissions, and moves data.
(The ResourceScanService account performs tasks in different areas of the domain.
For scanning all directories, writing to Active Directory and others. the creation
Sym-Links requires this account to have domain-level permissions)
The ResourceScanService is created after installation as part of the configuration.
These user accounts are partially queried during installation. Can also be managed after installation via the Windows services.