Honored Contributor.. RiverRat_1 Honored Contributor..
Honored Contributor..
908 views

Need to have RAS run as a Windows Domain Account ... having issues

Jump to solution

I need to have NRAS run as a Windows Domain account so it can talk to a MS Cluster usign the PowerShell cmdlets that came with the OO 9.00.05 content patch.

 

My question is on how to install OO in general.  Right now this is a brand new single OO server with the RAS the that comes it.  When installing it as the local administrator and then changing the RSJRAS service "Log on As" option, RAS isn't happy.  Studio no longer can valid its RAS path and the content patch installers fail with a HTTP 404 Not Found exception.  Since I installed OO originally as the local administrator I'm pretty sure this is the issue.  I confirmed this by changed RSJRAS back to Local System and the 9.00.05 content patch installed just find.  So this is a permissions issue.

 

When you know you're going to run RAS as a domain login, what the process to get this one ?

 

Do you install OO as the domain account (rather than the local admin account) ?  <I'm not a Windows guy and I don't play on on TV either> If so, does the domain account need to be given rights to install software on the machine ?

 

Or, can you install as the local administrator and then change permissions or something on the a specific folder structure for RAS so the domain account its running can use/update things as needed ?

Labels (1)
0 Likes
1 Solution

Accepted Solutions
Honored Contributor.. RiverRat_1 Honored Contributor..
Honored Contributor..

Re: Need to have RAS run as a Windows Domain Account ... having issues

Jump to solution

Gotta love Google.

 

The issue is permissions like I thought.

 

Going into the Windows File Explorer and then adding the domain account with Full Control to everything under the "c:\Program Files\Hewlett-Packard\Operations Orchestration" fix it.  With RAS running as the domain account and this permissions update, Studio now verifies its RAS Path fine and the OO SAS 9.00.05 content patch installer worked fine.

 

All better 🙂

0 Likes
2 Replies
Honored Contributor.. RiverRat_1 Honored Contributor..
Honored Contributor..

Re: Need to have RAS run as a Windows Domain Account ... having issues

Jump to solution

Gotta love Google.

 

The issue is permissions like I thought.

 

Going into the Windows File Explorer and then adding the domain account with Full Control to everything under the "c:\Program Files\Hewlett-Packard\Operations Orchestration" fix it.  With RAS running as the domain account and this permissions update, Studio now verifies its RAS Path fine and the OO SAS 9.00.05 content patch installer worked fine.

 

All better 🙂

0 Likes
Absent Member.. Jonathan Feutz Absent Member..
Absent Member..

Re: Need to have RAS run as a Windows Domain Account ... Having issues

Jump to solution

Instead of having RAS run as a domain account. I think the best practices is to use a ' OO System account' within your flow.

 

Under OO Configuration, Create a System account adding your Domain User account and Password information.  Then within your operation that calls the powershell script set the username & password field of the operation to type -> 'Credentials" and then pick  the System account system account you created.

 

The operation it self  will 'run as' that domain account.  Your ras service should not have to run as a domain account. A single flow can use multiple 'OO System Accounts' to access various systems within your network.

  

We also do this so that our Security group can audit and maintain the Domain Accounts, they can change the account password in the System Account configuration at will, and all the flows that reference that account get the new credentials. The developers/admins don't have to know the account/password to use the account in their flow.

 

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.