Setup of DomainService for TechIdentityManager

This document describes how to setup the DomainService that runs on each domain (or workstation in a workgroup) to create and manage identities for technicians.

 

Definitions:

Target Machine – Domain Controller, or a machine, where identities will be managed

Client ID – Guid assigned by RuffianSoftware in the form XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX where X is an alphanumeric character. If you don’t have one yet Request a Client ID. The same Client ID should be used everywhere you install a DomainService, TechIDManager.AzureAD, or TechClient.

DomainService.zip – File with all the required executable parts of the DomainService downloaded from the RuffianSoftware webpage for the DomainService. Usually DomainService_V_B.zip where V is the version and B the architecture (86/64)

Install Folder – Folder on the Target Machine where all the domain service files will reside. By convention this is c:\Program Files\RuffianSoftware.

 

Steps:

1. Copy all DomainService.zip to the Install Folder on the Target Machine. Extract the contents of DomainService.zip
2. From an administrative commandline in the Install Folder run the following command. This can be scripted from most RMMs also.

DomainService.exe install
DomainService.exe clientguid {Client ID}
DomainService.exe start

1. Don’t put the brackets {}, and don’t worry, the DomainService command line can be rerun at any time to change or add names and other options.
2. Replace {Client ID} with the Guid assigned from RuffianSoftware
3. More commandline options are available from the commandline with “DomainService.exe help” and by reading below.
4. The command should finish with something about success like this:

At this point the domain will be assigned to the “All Domains” domain group in the Management Console and any techs and rights assigned with “All Domains” in a DomainTechRights group will be created.

 

In general, DomainService.exe can be run to set options that are used by the service later when it runs. Options can be set on separate lines to ease scripting and installing. The complete command line help can be seen from the command line with “DomainService.exe help“. 

The options listed on this page are for the most recent version of DomainService.exe. Some older versions don’t support all these options. All options are of the format ABC or XYZ value where ABC is an option to set with no additional parameters and XYZ requires an additional commandline parameter value. See “start” and “clientguid” above. 

• help – Show this helpful output
• install – Install the RuffianDomainService
• uninstall – Uninstall the RuffianDomainService
• start – start the RuffianDomainService (same as “net start RuffianDomainService”)
• stop – stop the RuffianDomainService (same as “net stop RuffianDomainService”)
• update – shortcut for the commandline: stop uninstall install start
• clientguid value – Specify the ClientGuid to use when accessing the Management Console
• domainguid value – Specify the DomainGuid to use when accessing the Management Console (This is unique to each domain, and should ONLY be set when migrating a domain controller)
• OU value – Specify the OU to create tech accounts in the form x.y.z… where x is the top level OU, and y is a child OU of X, and Z is a child OU of Y, etc… (use “reset” to return to default value) https://ruffiansoftware.com/ad-ou-feature-in-domainservice-piece-of-techidmanger
• friendlyname value – Specify a searchable string for use in the TechClient that is specific to this domain or machine
• rmmname value – Specify a searchable string for use in the TechClient that is specific to this domain or machine (This is NOT the name of the RMM used on this machine)
• force – Run once in this context and exit (for testing only – do not use without explicit direction to do so from Ruffian Software)
• displayname value – Specify the format used to set the Display Name in AD for managed tech accounts (use “reset” to return to default value) https://ruffiansoftware.com/username-feature-in-domainservice-piece-of-techidmanger 
• username value – Specify the format used to make the UserName for managed tech accounts (use “reset” to return to default value) https://ruffiansoftware.com/username-feature-in-domainservice-piece-of-techidmanger
• accountdescription value – Specify the format used to set the Account Description in AD for managed tech accounts (use “reset” to return to default value) https://ruffiansoftware.com/username-feature-in-domainservice-piece-of-techidmanger
• loglevel value – Specify the loglevel used to 0 (less) to 10 (more)
• cmdline – run continually as if running as the service (for testing only – do not use without explicit direction to do so from Ruffian Software)
• gui – show a graphical user interface for setting options
• local – make local accounts on this machine
• nonlocal – make domain accounts on this domain controller (local and nonlocal are mutually exclusive options
• delaytime value – scan delay for runtime in minutes (default is 45)
• show – show all options that are set. 
• hourtorun value – 24 hour based hour in which runtime changes passwords (default is 0)
• forceshortnames – force the use of user names with length no more than 20 character
• allowlongnames – allow the use of user names with any length (this is the default behavior)
• passwordlength value – override management console password length setting for just this domain (range is 8-128) (use “reset” to return to using management console value)
• host value – specify the address of the CentralHost if using self-hosted TechIDManager (normally left blank)