By default, the Laserfiche Server and Laserfiche Full-text Indexing and Search services must have local administrative rights to the machine(s) hosting the Laserfiche Server and repository volumes and database. To run the services as a domain account without local administrative rights to these machines, follow the instructions below.
Note: This knowledge base article only applies if you are hosting the Laserfiche Server on Windows Vista, Windows 7, Windows Server 2008, or Windows Server 2008 R2.
Follow the steps below, ensuring that you replace DOMAIN\User with the appropriate information:
- Open a command prompt with administrative rights. Click the Start button, type "command prompt" into the Search box, right-click the Command Prompt search result, select Run As Administrator, and select Yes from the User Access Control dialog box.
- Enter the following command and press ENTER:
netsh http add urlacl url=http://+:80/lf user=DOMAIN\User
- Enter the following command and press ENTER:
netsh http add urlacl url=http://+:5053/ user=DOMAIN\User
- By default, the Laserfiche Server is set to listen for secure socket layer connections. Unless you have disabled this setting, enter the following command and press ENTER:
netsh http add urlacl url=https://+:443/lf user=DOMAIN\User
- Close the command prompt.
The above instructions assume you are using the default listening ports for the Laserfiche Server and the Laserfiche Full-text Indexing and Search services. If you have modified any of the port defaults, replace the port numbers listed above accordingly.
To use the Repository Creation Wizard or the Repository Registration Wizard in the Laserfiche Administration Console, the Laserfiche Server must have local administrative rights to the Laserfiche Server machine, regardless of whether or not you have completed the steps above. We recommend temporarily running the service with local administrative to use these wizards, then switching to an account without local administrative rights.
Ensure the account used by the Laserfiche Server service has access to read, modify, and delete volume files on the machine(s) hosting Laserfiche volumes.
Ensure the account used by the Laserfiche Server service has access to the repository database. For Microsoft SQL Server, the Laserfiche Server must be able to authenticate to the repository database as the database owner. For Oracle Database, the Laserfiche Server must be able to authenticate as a user with specific privileges, each of which are explained in the Laserfiche Administration Help files (search for a topic named Preparing an Oracle Schema).