Log On As and Connection Settings
Log on as
First of all, you should choose an account under which the DeviceLock Content Security Server service will start. As with many other Windows services, the DeviceLock Content Security Server service can start under the special local system account (the SYSTEM user) and on behalf of any user.
To start the service under the SYSTEM user, select the Local System account option. Keep in mind that the process working under the SYSTEM user can't access shared network resources and authenticates on remote computers as an anonymous user. Therefore, DeviceLock Content Security Server configured to run under the SYSTEM user is not able to access DeviceLock Enterprise Server running on the remote computer and must use DeviceLock Certificate for authentication on it.
To start the service on behalf of the user, select the This account option, enter the user's account name and the password. It is recommended to use a user account that has administrative privileges on all the computers where DeviceLock Enterprise Server is running. Otherwise, you will need to use DeviceLock Certificate authentication.
If you're installing DeviceLock Content Security Server in the domain environment, we recommend that you use a user account that is a member of the Domain Admins group. Since Domain Admins is a member of the local group Administrators on every computer in the domain, members of Domain Admins will have full access to DeviceLock Enterprise Server on every computer.
Also, don't forget that if Default Security is disabled on remotely running DeviceLock Enterprise Server, the user's account specified in the This account option must be also in the list of Server Administrators with at least Read-only access rights on that DeviceLock Enterprise Server. Otherwise, you'll need to use DeviceLock Certificate authentication.
You can instruct DeviceLock Content Security Server to use a fixed TCP port for communication with the management console, making it easier to configure a firewall. Type the port number in Fixed TCP port. To use dynamic ports for RPC communication, select the Dynamic ports option. By default, DeviceLock Content Security Server uses port 9134.