Configuring IEM to run as a Domain Service Account

I will be linking my new IBM Endpoint Manager v9 infrastructure up to my LDAP domain.  This includes setting up the services to run as a domain level service account which includes certain abilities.


As a result, I will need to modify my newly installed MSSQL 2012 security configuration to allow this service account access and ownership over the newly installed IEM databases.

Below are some screen shots with details on doing this configuration.


We need to add the new service account to this MSSQL server under Security->Logins.


Specify the domain service account here…


I want this service account to be an sysadmin…


And of course, DBO permissions on the two IEM databases.



Now we’ll need to return to the root server.  Specify the domain service account as an “Administrator” on the box so it has access into the program files directory where IEM is installed.

Then log off and log on as this domain service account.  The purpose of this is so IE gets initialized and if proxy configuration is required… it can be done at this point.

Now we’re ready to proceed… open up the services.msc.  Stop each of the BES services.


Then edit each one and on the LogOn tab specify the domain service account as shown below.


Once you’ve completed this for each of the BES services…


Start them all up.


Keywords: Configuration, step-by-step
3/15/2013 1:54:48 PM
danielheth's Avatar


Log In or Register to leave comments!