Required server authorizations
On a Windows machine, the Optim™ server can be run as a process or a service.
When it is run as a process, the server uses the credentials of the current user account. When it is run as a service and an explicit user account is used, the server requires the account to have the following privileges:
- Act as part of the operating system
- Bypass transverse checking
- Increase quotas
- Log on as a batch job
- Replace a process level token.
Local security policy
You must be logged on to the Windows machine with administrator rights and access the Local Security Policy to grant these privileges to the user.
- From the Control Panel, access the Local Security
Policy applet:
- From the Local Security Policy window, select the
menu entry:
- On the User Rights Policy window, select the following
entry in the left pane:
- Repeat the following steps for each of the privileges
listed above.
- Select a privilege from the right pane of the Local Security Settings window.
- If the user (or group) is not listed in the Assign To list box, select Add to add the user (or group) to the list.
- Ensure that the Local Policy Setting check box is checked for the user (or group).
- Select OK to apply the changes and close the Local Security Policy Setting window.
Server on UNIX
For UNIX, Super-User Server credentials are required to change the effective user account and group ID. During startup, if the filelogon parameter is set to client or server, the effective user account that started the daemon must be a Super-User (zero).