SureSync Part 2: Installing and Configuring SureSync to Run As a Service
- Exploring the DCOM Configuration Tool
- Configuring SureSync's Individual Applications to Run as Services
- Summary
Like this article? We recommend
Like this article? We recommend
Like this article? We recommend
Why have I decided to devote an entire article in this series on the installation and configuration of SureSync? It's not that the product is complicated to install. In fact, it is relatively easy to install; it just needs a little tweaking to get it to run nicely as a service. However, Software Pursuits (the makers of SureSync, http://www.softwarepursuits.com) has assured me that the following installation guide is necessary only when configuring the product to run as a service.
With SureSync, there are two types of installations: a local server install (as most products are) and a remote (or network) install. The local server install option allows you to install SureSync on each server, and configure options that only affect the individual installation of the product on each server.
The network install leaves all the required files for SureSync to run on a single specified server (including the back-end database), and allows you to configure options for all the referenced servers in a central place.
Just a small warning here, though. I recently helped a global organization implement SureSync into its publishing process, and found that the network installs were not really the best option when there are servers in different countries around the globe (on a slow WAN link). A network installation works best on a fast network (10Mbps or greater) among the servers involved.
Let's take a look at installing and configuring SureSync to run as a service on a Windows 2000 Advanced Server (with SP2 installed).
What you need to install SureSync as a service are the following:
The installation software! (A 30-day trial version can be downloaded from http://spursuits.com/suresync/download.asp.)
A Domain Service account (which is just a user account that will have special permission on the server) that you want SureSync to run under.
Optionally, you can install Microsoft Data Access Components (MDAC) 2.6, which may be downloaded from http://www.microsoft.com/data/.
After you have the Service account set up, log onto the server as an administrator (either local or domain). The service account you have created needs to have the capability to log on as a service (I'll show you how soon), and also needs the capability to read and write to specified directories on the server. For ease of deployment, you can place the service account within the Administrators group on the local machine, although this is a very high level of access, and may not suit your business requirements.
If you are not going to place your Service account in the Local Administrators group on the server, you should create a new group on the server (or preferably within the domain). This allows you to assign permissions to that specific group rather than the actual service account, and so offers more flexibility in the future.
Go to Administrative Tools in Control Panel on the server, and open the Local Security Settings—Policy application, as shown in Figure 1.
){kind=link}
Figure 1 Locating the User rights assignment in the Local Security Policy tool.
Navigate to Local Policies and then to User Rights Assignment. Find the Log on as a batch job option, and add your service account (or group) to this option. Do the same thing for the Log on as a service option. This allows the service account that you have to run Sure Sync when noone is physically logged onto the server.
Ok, now log off the server, and log on again as a service account. This enables Windows to create a profile for your user account, and to initiate a few basic tasks (and files) that Windows seems to require to allow the service to run in the background.
If you have assigned your service account to the Administrator group on the server, you can now go about installing SureSync. If not, log off and log on again as an Administrator.
WARNING
If you are installing SureSync via Terminal Server (or some other remote console program), make sure you go to Control Panel, Add/Remove programs to perform the installation. This ensures that the server is in install mode. Don't just double-click the .exe file unless you are physically in front of the server.
The installation of SureSync is actually in two very distinct parts. The first part I think of as being like unzipping the installation program (although it is a little more than this) into the specified directories on the server. The second part is when the actual files, registry keys, and required components are set up on your server.
After you are ready, kick off the install program of SureSync; then, when prompted, follow the installation wizard for the first part of the installation.
When you have completed the first part of the installation, after making the changes you need, you see a confirmation screen similar to that shown in Figure 2.
){kind=link}
Figure 2 Confirmation that the first part of the installation program is complete.
As the confirmation states, you cannot use SureSync until each server (including the one the installation was just performed on) runs the next part of the setup program.
When you are ready, navigate your way to the folder where you extracted the files for SureSync, such as C:\Program Files\SureSync, and run the setup.exe program, as shown in Figure 3.
){kind=link}
Figure 3 Locating the setup.exe program for the installation of Sure Sync.
Remember, however, that if you are performing this installation through Terminal Server or some other remote administration tool, you must run the install program through Control Panel (Add/Remove Programs); otherwise, the installation will fail.
Follow the second-stage installation wizard; you need to decide if you will use the Install to Hard Disk option or the Run from Network Copy option. Remember that a network copy works far better on a fast network than it does on a disparate slow network.
When the installation is complete, you can actually run SureSync, although not as a service because you haven't configured it yet! However, just hang on a moment or two longer from running Sure Sync, and you will be ready to complete the installation and configuration of Sure Sync.
Exploring the DCOM Configuration Tool
All righty then. After you have SureSync installed, you will configure it so it can run as a service. Go to Start, Programs, and find SureSync in the program file list. Select the DCOM Configuration tool, as shown in Figure 4. For those of you who have come across this tool before, it really is only a shortcut to the tool that Microsoft provides (dcomcnfg) for adjusting the DCOM configuration on your machine.
){kind=link}
You should have a window that looks similar to the one shown in Figure 4.
Figure 4 The dcomcnfg tool used to manipulate DCOM settings.
Select the Default Security tab; then within the Default Access Permissions section, click the Edit Default button, as shown in Figure 5.
){kind=link}
Figure 5 The Default Access Permissions section of the DCOM utility
What you do here is add your service account to the list of names allowed to launch DCOM applications on your server. You need to make sure that the following accounts have launch permission (Allow Access) for DCOM on the server:
Local machine account NETWORK
Local machine account SYSTEM
Local machine account INTERACTIVE
Service account
You can, if you want, add the Administrators group to the list as well
After you have completed this step, perform a similar procedure for the Default Launch Permissions section.
What you have done is configure DCOM for your whole server to allow the accounts you specified to have permission to not only launch your applications, but also to access applications on the server.