If a SIPORT service user account is already available, use that account to run the Sync Agent service. If no such account exists, create a new user account to be used for running the service.

Do not use the same Microsoft Windows user account for both the SyncAgent Windows service and the SIPORT SyncAgent user (SIPORT REST API user). Each of these components must run under its own dedicated Windows user account. Using separate accounts ensures correct permission handling and prevents operational conflicts between the services.

Before you begin installing Sync Agent, you need to configure the user account which is used as a SIPORT service user account to any one of the groups that is mentioned in Log on as a service like Guest, Administrators, Users, Backup Operators.

  • Domain User - Domainname\DomainUserAccountIdentifier
  • Local user - LocalUserAccountIdentifier

Domain User or Local User environment configuration is required only for installation purpose. After the installation is complete, this configuration can be removed.

Creating Local Users and Groups (Local)

  • You have the Administrator privileges to create a user account and access local security setting window.
  1. Click Start > Control Panel > Administrative Tools > Computer Management.
  1. Expand System Tools and select Local Users and Groups > Users.
  • Or…
  1. In Run command, type lusrmgr.msc and press Enter key.
  • The Local Users and Groups (Local) window opens.
  1. Select a New User using one of the following options:
  • Right click the Users folder.
  • Move to extreme right of the window and click on More Actions.
  1. Enter the following information in the New User window:
  • Username: Username for installing Sync Agent. For example, SIPORT Sync Agent.
  • Full name: Full name, if required.
  • Description: Description, if required.
  • Password: Password for installing Sync Agent. For more information, see SIPORT Sync Agent Cybersecurity Guidelines, Section Password Policy.
  • Confirm Password: Reconfirm the entered password.
  • If you want to change the password during next login to Sync Agent, select the Users must change password on next logon checkbox.
  1. Click Create and Close.
  • The newly created user is listed and available under User’s folder.

Setting Local Security Policy

  1. In the Run command, type secpol.msc to verify the Users folder.
  • The Local Security Policy console window opens.
  1. Under Security Settings, expand Local Policies.
  1. Select and click Users Rights Assignment.
  1. In the right pane, search the policy Log on as a service.
  1. Verify the groups mapped for Log on as a service security setting. For example, the groups mapped here are Guest, Administrators, Users, Backup Operators.

It is recommended to add the domain user or local user under the Administrators or Users Group.

Unavailability of domain user account or local user account, under any of the Groups defined under the Local User and Groups management console, shall cause incomplete installation of few services.