Setting up a run-as user

During installation, you can specify MVE to execute either as a local system account or as a domain user account. Executing MVE as a run-as domain user account provides a more secure installation. The domain user account has limited privileges compared to a local system account.


	Run‑as domain user account	Run‑as local system
Local system permissions	File all access to the following: $MVE_INSTALL/tomcat/logs $MVE_INSTALL/tomcat/temp $MVE_INSTALL/tomcat/work $MVE_INSTALL/apps/library $MVE_INSTALL/apps/dm-mve/picture $MVE_INSTALL/../mve_truststore* $MVE_INSTALL/jre/lib/security/cacerts $MVE_INSTALL/apps/dm-mve/WEB-INF/ldap $MVE_INSTALL/apps/dm-mve/download Where $MVE_INSTALL is the installation directory. Windows privilege: LOGON_AS_A_SERVICE	Administrator permissions
Database connection authentication	Windows Authentication with Microsoft SQL Server SQL Authentication	SQL Authentication
Configuration	A domain user must be configured before installation.	Configured automatically during installation

If you set up MVE as a run-as domain user account, then create the user on the same domain as the MVE server.