User Accounts
In order for TotalMobile to be installed & run within the customer’s environment, a number of accounts are needed to support the various services:
Service Account
The following service accounts need to be set up for the various TotalMobile services to run under, with passwords that do not expire, as an expired password will halt the application until fixed:
- <Domain>\<subdomain>.app.pool: This account runs the IIS Application Pools, so it will need to be allowed to run on each web server. It only needs to be a basic user on the system[s].
- <Domain>\<subdomain>.int: This account runs the Integration Service on the Integration Server, and will need to be a local administrator on the Integration Server[s].
- <Domain>\sql.service: This account runs the main SQL Service on the database server, which Microsoft identifies as a best practice. It needs to be a normal user on the database server.
- <Domain>\sql.agt.service: This account runs the main SQL Agent Service on the database server, which Microsoft identifies as a best practice. It needs to be a normal user on the database server.
- <Domain>\sql.rs.service: This account runs the main SQL Reporting Services Service on the database server, which Microsoft identifies as a best practice. It needs to be a normal user on the database server.
User Accounts
These accounts will be used by the installation & support engineers to administer & maintain the system:
- <Domain>\tm.support: This account is used by the TotalMobile helpdesk when connecting to servers to carry out any support and maintenance. It is typically created at the domain level with local admin access to any dedicated TotalMobile solution servers, like the Web and Database servers. The account can only be enabled upon request, by following the customer’s chosen security procedure when any support activity is required, and it can be left disabled for the majority of the time when not in use.
- <Domain>\blueprism.user: If BluePrism is to be installed as part of the solution, a specific BluePrism user will need to be set up. This account is used to log in both to the Application Server and to the robots, and as such will need to be a Local Administrator on both types of machine.
Domain = Customer’s Active Directory Domain the servers are joined to.
Subdomain = Typically the name of the installation, defaulting to a nominated customer identifier, e.g. “acmecorp”. In some cases it can be used to differentiate one installation of the solution from another, for example different parts of the same organization.
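An added example (not part of the original documentation or TotalMobile's own tooling): a PowerShell check that compares account state against what the lists above require, namely non-expiring passwords on the service accounts and tm.support left disabled when not in use. The function name, the "acmecorp" subdomain and the sample data are assumptions made for illustration.

```powershell
# Expected state taken from the account lists above. 'acmecorp' is the page's
# example subdomain. Enabled = $true for service accounts is an assumption
# (a disabled account cannot run a service). $null means "not checked".
$Expected = @(
    [pscustomobject]@{ Name = 'acmecorp.app.pool'; NeverExpires = $true; Enabled = $true }
    [pscustomobject]@{ Name = 'acmecorp.int';      NeverExpires = $true; Enabled = $true }
    [pscustomobject]@{ Name = 'sql.service';       NeverExpires = $true; Enabled = $true }
    [pscustomobject]@{ Name = 'sql.agt.service';   NeverExpires = $true; Enabled = $true }
    [pscustomobject]@{ Name = 'sql.rs.service';    NeverExpires = $true; Enabled = $true }
    # Support account: should be disabled outside an approved support window.
    [pscustomobject]@{ Name = 'tm.support';        NeverExpires = $null; Enabled = $false }
)

# Hypothetical helper: returns one result row per expected account.
function Test-AccountState {
    param(
        [Parameter(Mandatory)] [object[]] $Actual,
        [Parameter(Mandatory)] [object[]] $Expected
    )
    foreach ($want in $Expected) {
        $have = $Actual | Where-Object { $_.SamAccountName -eq $want.Name } | Select-Object -First 1
        $issues = @()
        if (-not $have) {
            $issues += 'account not found'
        } else {
            if ($null -ne $want.NeverExpires -and $have.PasswordNeverExpires -ne $want.NeverExpires) {
                $issues += "PasswordNeverExpires is $($have.PasswordNeverExpires)"
            }
            if ($have.Enabled -ne $want.Enabled) {
                $issues += "Enabled is $($have.Enabled)"
            }
        }
        [pscustomobject]@{ Account = $want.Name; Ok = ($issues.Count -eq 0); Issues = ($issues -join '; ') }
    }
}

# Constructed sample data so the script runs offline. On a domain-joined host,
# build $actual from the ActiveDirectory module instead:
#   $actual = Get-ADUser -Filter * -Properties PasswordNeverExpires
$actual = @(
    [pscustomobject]@{ SamAccountName = 'acmecorp.app.pool'; Enabled = $true; PasswordNeverExpires = $true }
    [pscustomobject]@{ SamAccountName = 'acmecorp.int';      Enabled = $true; PasswordNeverExpires = $false }
    [pscustomobject]@{ SamAccountName = 'sql.service';       Enabled = $true; PasswordNeverExpires = $true }
    [pscustomobject]@{ SamAccountName = 'sql.agt.service';   Enabled = $true; PasswordNeverExpires = $true }
    [pscustomobject]@{ SamAccountName = 'tm.support';        Enabled = $true; PasswordNeverExpires = $false }
)

Test-AccountState -Actual $actual -Expected $Expected | Format-Table -AutoSize
```

With the constructed data, the rows for acmecorp.int (password set to expire), sql.rs.service (missing) and tm.support (left enabled) are the ones reported as not Ok.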
SQL Server Accounts
These accounts are set up for the application to access the database services; they will be set up by the installation engineer:
- Taskmobileuser: This is used for the TotalMobile services to access the database services from various sources. These are assigned specific roles by the installation team on install.
- Mendeluser: This is used for the Mendel services within TotalMobile to access the appropriate databases. This is only set up if the Mendel services are to be used within the installation.
As a portion of the installation needs a SQL-level SA account, the engineer may set up an Sa_totalmobile SQL account if the core SA account cannot be used.