kenaflow.exe --securing --account <account-name>
After setup or during administration of kenaflow this switch is used to set permissions on file system folders in order to keep kenaflow running.
<account-name> must be a valid user object that can be resolved by kenaflow.
It sets read and write permissions on certain folders.
You must run this switch for every user account that should be able to execute workflows - even as workflow developer - as long as this accounts are not "local admin" on the kenaflow server.
If you use
--confighttp to register an SSL certificate for remote event endpoints access to the private key is necessary for the automatic execution account of kenaflow. This is granted by this command IF the SSL certificate was registered previously (and it's thumbprint was written to the global configuration, setting 'sslCertThumbprint').
kenaflow.exe --securing --account "mydomain\service.kenaflow"