Configuring the Directory Server Service User and Ports

By default, Directory Server runs as the Network Service user and listens over TCP port 5048.

The Directory Server installation will automatically configure Windows to use the above values for a default installation of Directory Server. If you configure Directory Server to use a different service user or port, you must configure Windows by adding an HTTP URL namespace registration for Directory Server. In addition to firewall configuration, see the following steps.

Configuring a different service user for Directory Server

1. Browse to the Laserfiche Directory Server installation folder. The default location is C:\Program Files\Laserfiche\Directory Server.
2. Double-click XmlEndpointUtility.exe to launch the Directory Server Endpoint Configuration Utility.
3. Modify the Service user's principal name and Listening port values.
4. Use the Netsh commands for HTTP to remove the default URL reservation with port 5048 and reserve the new URL with the new port value.
5. For Directory Server 10.2 and earlier only: On the computer hosting Directory Server, open a command prompt and use the following command to remove the default URL:

   netsh http delete urlacl url=http://+:5048/LicenseManager/service

6. For Directory Server 10.2 and earlier only: Use the following command to reserve the new URL:

   netsh http add urlacl url=http://+:12345/LicenseManager/service user=DOMAIN\User

   Replace 12345 with the desired port value. Replace DOMAIN\User with the Directory Server service user.

7. For Directory Server 10.2 and earlier only: Repeat steps 5 and 6 for the following additional URLs, replacing portNumber with your desired ports as appropriate.
   • http://+:portNumber/LicenseManager/service2
   • http://+:portNumber/LicenseManager/sts
   • http://+:portNumber/LicenseManager/sts2
8. Find the endpoint utilities for the Laserfiche web applications that authenticate through Directory Server. Specify the Directory Server service user's principal name in these utilities. Here are some default locations for the endpoint utilities.
   
• Web client: C:\Program Files\Laserfiche\Web Access\EndpointUtility.exe
• Forms: C:\Program Files\Laserfiche\Laserfiche Forms\Forms\bin\EndpointUtility.exe

Note: If you did not change the Directory Server service user from its default value, you do not need to specify the service user in the web applications' endpoint utilities.

Identifying a service user and its principal name

If you do not know what service user the Directory Server is currently using, you can check this in the Windows Task Manager.

1. Open the Windows Task Manager and navigate to the Details pane.
2. Find the service with the name LFDS.exe. The service user is listed in the User name column.

The endpoint utilities require that we specify the service user's principal name. This is usually but not always the user's email address.

To determine the principal name of a user

1. On the domain controller, open Active Directory Users and Computers.
2. Select Users.
3. Right-click on the user of interest and select Properties.
4. Click the Account tab. The user principal name is displayed under User logon name in the format user@domain.