User account for the One Identity Manager Service
The user account for One Identity Manager Service requires permissions to carry out operations at file level. For example, assigning permissions and creating and editing directories and files.
The user account must belong to the Domain users group.
The user account must have the Login as a service extended user permissions.
The user account requires access permissions to the internal web service.
NOTE: If One Identity Manager Service runs under the network service (NT Authority\NetworkService), you can issue access permissions for the internal web service with the following command line call:
netsh http add urlacl url=http://<IP address>:<port number>/ user="NT AUTHORITY\NETWORKSERVICE"
The user account needs full access to the One Identity Manager Service installation directory in order to automatically update One Identity Manager.
In the default installation, One Identity Manager is installed under:
- %ProgramFiles(x86)%\One Identity (on 32-bit operating systems)
- %ProgramFiles%\One Identity (on 64-bit operating systems)
NOTE: Other target system specific permissions may be required for synchronizing One Identity Manager with each target system. These permissions are explained in the corresponding guide.
For more information, see Setting up permissions for creating an HTTP server.