Identity Tab Page
The OpenROAD Installer sets the DCOM configuration of the ASO to make it run under the user ID of the client who launches it. This allows the ASO to acquire the rights of its client's user account and to execute privileged operations (such as registry updates) on that client's behalf. Anonymous remote users cannot launch a private ASO because they cannot provide an authenticated identity under which to launch the process.
The OpenROAD Installer sets the DCOM configuration of the SPO so that it runs under the user ID that you specified when you were prompted for it by the asreg utility. When an ASO slave is launched by the SPO, the ASO slave runs under the same user ID as the SPO. Therefore, all 4GL procedures executed on behalf of any client of the SPO execute in the security context of the user ID under which the SPO is run. By limiting the permissions given to that user ID, you can limit what those clients are allowed to do.
It is very important to run the SPO under a specific user ID to ensure that only one instance of the SPO can be launched. Never configure the SPO to run as "The launching user" or as "The interactive user." That can cause multiple instances of the SPO to be started, which can lead to a variety of anomalies in SPO behavior.
Important! The user ID you select for running the SPO must have write permission to the ingres\files directory to write the application log files.
Do not forget to update the DCOM identity setting for your SPO whenever the password for the specified user ID expires. You can do that on this tab page, or you can accomplish the same thing by running asreg.