Using a Domain Account

The Therefore™ XML Web Service can be run with a local system account. This is the default setting during setup.

However, it can also be run with a domain account, but this must first be specified in the Therefore™ Configuration Wizard. To do so, run the Therefore™ Configuration wizard and specify the login information under 'Services'.

In order to run the Therefore™ XML Web Service with a domain account, the correct SPN (Service Principal Name) must be set for the account. For further details about SPNs see the following MSDN page:

https://msdn.microsoft.com/en-us/library/ms677949%28v=vs.85%29.aspx

Setting the SPN

Before starting, ensure you have permissions to modify SPNs. Refer to the Microsoft TechNet article below for instructions on delegating the authority to modify SPNs.
https://technet.microsoft.com/en-us/library/cc731241%28WS.10%29.aspx#BKMK_Del
Next, set the correct SPN for the domain user account to allow the use of integrated security. Run the following command:
Copy
```
setspn -a HTTP/<FQDN of the PC> domain\username
```
'FQDN of the PC' refers to the Fully Qualified Domain Name of the PC, e.g., demopc1.moyaware.com.
'domain\username' is the domain account you wish to use to run the XML Web Service, e.g., moyaware\administrator.
Running this command will register the given SPN (e.g., HTTP/demopc1.moyaware.com) on the domain account entered in the previous step, and clients will be able to connect using the XML Web Service.

SPNs in use

In case the HTTP/<FQDN> SPN is already being used for a different user account in the domain the SPN cannot be set on another account unless it is deleted from the previous account.
For example, to change the domain account used for the XML Web Service you must first delete the SPN from the old domain account and then add it to the new account.
However, if another service is using the same HTTP/<FQDN> SPN, this service will be broken if you delete the SPN from the account used to run this service.