000035850 - How to register URL for Advanced Workflow in RSA Archer running on a Windows account with limited privileges

Document created by RSA Customer Support Employee on Dec 16, 2017
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000035850
Applies ToRSA Product Set: Archer
RSA Product/Service Type: Advanced Workflow, User Interface, Platform
RSA Version/Condition: 6.2.0.6, 6.3
Platform: WIndows
IssueThis article assumes that the following conditions are true:
  • You run RSA Archer Advanced Workflow service on a Windows account with limited privileges.
  • The Advanced Workflow service is listening on other port besides the default port 8000. For example, it is configured to use HTTPS where the port is 8443.
The following error will occur:

HTTP could not register URL https://+:8443/workpoint/rest/alerts.svc/. Your process does not have access rights to this namespace (see http://go.microsoft.com/fwlink/?LinkId=70353 for details).
   at System.ServiceModel.Channels.SharedHttpTransportManager.OnOpen()
   at System.ServiceModel.Channels.TransportManager.Open(TransportChannelListener channelListener)
   at System.ServiceModel.Channels.TransportManagerContainer.Open(SelectTransportManagersCallback selectTransportManagerCallback)
   at System.ServiceModel.Channels.TransportChannelListener.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.HttpChannelListener`1.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.Dispatcher.ChannelDispatcher.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at System.ServiceModel.ServiceHostBase.OnOpen(TimeSpan timeout)
   at System.ServiceModel.Channels.CommunicationObject.Open(TimeSpan timeout)
   at Workpoint.BPM.Hosting.WpServiceHost._StartConfiguredServices()
---------- Inner Exception 1 ----------

In RSA Archer UI you are unable to configure Advanced Workflow.
ResolutionThis issue occurs because the Archer installer only automatically configures the account for port 8000. As a result, the service account does not have right to register port 8443.
The attached workpoint.bat file can be run to grant permission to the service account for all the required ports.
  1. Download the workpoint.bat file attached to this article.
  2. Copy the file to the RSA Archer server where Advanced Workflow is installed.
  3. Edit the file with Notepad and change user="RSASG\ArcherService" to the service account in your environment.
  4. Run the bat file with administrator privileges.

Attachments

Outcomes