Specifying Controller Security Settings

When running the controller service as a user account on Windows, the controller needs three Windows OS permission tokens to allow it to launch jobs as another user.

Ensure that the user account the controller uses has these three permissions:

  • Replace a process level token
  • Log on as a batch job
  • Act as part of the operating system
These can only be assigned by a user with Administrator rights on the machine.

To add permissions (Windows 10)

  1. Control PanelSystem and SecurityAdministrative ToolsLocal Security Policy. The Local Security Settings dialog box displays.
  2. Expand Local Policies.
  1. Double click Log on as a batch job.
  2. Click Add User or Group and add the User that the Agent is running as.
  3. Repeat for the other two permissions required.