Service Accounts on Windows

Last modified on August 26, 2022

Overview

Service accounts allow for programmatic access to strongDM resources. This is useful for continuous-integration pipelines, extract-transform-load jobs, or any automated function that would need resource access. Check the Admin UI Guide to see how to create service accounts. The rest of this guide covers how to authenticate with a service account.

Standard Windows Installation

For most users following the Windows installation guide, you can authenticate using a service account token with the followings steps.

  1. Start the strongDM Desktop application.
  2. At the login window, hit the <esc> key three times.
  3. This changes the login field to say service account token.
  4. Paste the token and click continue.

Automated Installation

To bypass strongDM Desktop and use only the CLI, or to automate the installation process, you can directly download just the strongDM CLI from the Admin UI. This package works on Windows 2008R2 and later.

Download the package

You can download the CLI package by following steps 1 through 5 in the Download the strongDM CLI section. Additionally, you can directly download the CLI installer.

Run the installer

Use the following steps to run the installer after it is downloaded and unzipped.

  1. Open a PowerShell terminal as an administrator.

  2. Navigate to the directory containing the sdm32.exe binary we unzipped when downloading the strongDM CLI.

  3. Run .\sdm32.exe install to receive the following output. If prompted, confirm to continue with administrator access. Newer versions of Windows correctly determine administrator privileges and do not typically show this prompt.

    Installing strongDM listener
    - paste the token and press ENTER:
    
  4. Paste the service account token assigned to this resource and hit enter.

  5. Customize the installation path and data path, or hit enter twice to accept the defaults. A successful install looks like the following screenshot. If the installation fails, verify you are running PowerShell as an administrator.

    Service Account Token and Success
    Service Account Token and Success

Test the setup

To confirm the installation and authentication was successful, open a new PowerShell window as an admin and run sdm status. The output looks similar to the following screenshot.

SDM Status Output
SDM Status Output

If you have trouble authenticating with your service account, please contact support@strongdm.com with details.

Top