Description of Host Integration Server Security Groups
Host Integration Server uses two security groups to implement its security model. The goal of the security model is to allow the runtime and administrators access to the appropriate HIS resources, but limited to only those resources. This allows our runtime and administrators to operate as minimum privileged accounts (without the need to have local administrator or act as part of the operating system rights).
HIS Administrators group
This groups grants users the rights to manage and configure Host Integration Server. The HIS Administrators group has the following rights:
- Rights to start and stop the HIS services
- Read/Write access to the HIS configuration
- Can be granted access to enable HIS traces by the local administrator
HIS Runtime group
This groups grants the HIS service account the rights needed by the Host Integration Server services. The HIS Runtime group has the following rights:
- Run as a service
- Generate security audits
- Read/Write access to the HIS configuration
- Rights to generate traces