Configuring Amplia to run with a local user
Important
Since native key stores are deprecated, these instructions are no longer recommended.
If you intend to use either the current user or local machine Key stores, it is highly recommended that you configure Amplia to run with a local user account, instead of the default application pool identity.
Since the default app pool identity is not a full-fledged user account, it can be difficult to perform certain operations that may be necessary when using the operating system's key stores:
- Run a program with the application pool identity
- Add the application pool identity to a local user group
To configure Amplia to run as a local user:
Create a local user account
- Open the Computer Management tool
- Under System Tools, expand the item Local Users and Groups, then right-click on Users and select New User...
- Enter a username (e.g.:
AmpliaApp
) and a password - Uncheck the box User must change password at next logon
Check the box Password never expires
Click Create
- Configure the application pool
- Open the Internet Information Services (IIS) Manager
- Expand the local server item, then click on Application Pools
- Click on the application pool corresponding to Amplia's site
- On the right menu, click on Advanced Settings...
- On the item Identity, click the button with "..."
- Click on Custom account, then Set...
- Type in the username and password chosen previously
- Click OK
Adding application user to Admistrators group
To use the operating system's machine key store the application user must be added to the local Administrators group.
Warning
Unless you intend to use the OS local machine key store, you SHOULD NOT perform this procedure!
- Open the Computer Management tool
- Under System Tools, expand the item Local Users and Groups, then click on Users
- Find the application user (username chosen on the procedure described above) and double click it
- Select the tab Member Of
- Click Add...
- Under From this location:, make sure the local machine is selected (it will always be selected unless the server is part of a domain, in which case you must change the location from the domain to the local machine)
- On the text field, type Administrators and click Check Names
- Click OK