Service Account Rules - Metasys - LIT-1201528 - General System Information - Metasys System - 12.0.50

Security Administrator System Technical Bulletin

Product name
Metasys System
Document type
Technical Bulletin
Document number
LIT-1201528
Version
12.0.50
Revision date
2023-06-02

When specifying a service account with the Metasys Security Administrator tool, apply the following rules:

  • For each service account, use the UPN format for the username and provide the domain specifier. For example, use metasys.service@my.corp.com for the hybrid UPN formats and use metasys.service@corp.com for exact UPN formats.
    Note: To enable the email UPN authentication format, manually edit the web.config files.
  • The tool does not allow a blank password for a service account.

  • Whenever you change the domain or username of the service account with the Metasys Security Administrator tool, you must also enter the password.

  • You can specify more than one service account. You only need to specify more than one service account if an Active Directory service trust does not exist between the domain in which the service account is created and all other domains where Metasys users reside. In this case, specify one service account per domain where the Metasys users reside.

  • You should configure the service account with a non-expiring password; however, if the password is set to expire, you need to reset it in the Metasys Security Administration system tool each time you reset it on the Active Directory service domain.