Versions Compared

    Old Version 9

    changes.mady.by.user John Burk

    Saved on

    compared with

    New Version Current

    changes.mady.by.user John Burk

    Saved on

    Key

    • This line was added.
    • This line was removed.
    • Formatting was changed.
    Comment: Published by Scroll Versions from this space and version 6.9-0

    ...

    Note
    titleConsiderations when running "User" mode on Windows

    The Worker creates an authentication token when it creates a new process, and the Windows Operating System then permits the process access to the user's environment and files.  For this reason, if running with proxy_execution_mode = user  on Windows, every Windows user will need to register (and keep current) their password with Qube!  Most facilities choose  proxy_execution_mode = proxy  when running in service mode on Windows.

    Authenticating on Windows using an Active Directory Domain account

    It's possible to use an AD account as the proxy account; this allows the proxy account to be added to the ACL's on networked filesystem, be centrally managed, etc.

    You set the proxy_account to the user name, but without the Active Directory portion, and then specify the Active Directory domain name with worker_host_domain.

    For example, if you have a domain account that I would login as MyCorp\someuser, where the AD domain name is "MyCorp", and the user's name is "someuser", you would configure it as follows:

     

    • proxy_account = someuser
    • worker_host_domain = MyCorp

     These values can be set either in the worker's local qb.conf, but a best practice is to set in the supervisor's central worker configuration file.

    See Also

    How to switch a worker from Service mode to Desktop User mode

     

    proxy_account

    proxy_password

    proxy_execution_mode

    worker_host_domain