System Changes
The kenaflow setup performs some changes on the computer it is running on. Here you find information about these changes.
The kenaflow setup creates an unique "instance ID" and adds it to the global configuration file of the kenaflow instance. This ID is used for some system modifications.
Windows Registry
The kenaflow setup creates a key in the Windows registry where the program directory is stored. The registry key can be found here:
HKEY_LOCAL_MACHINE\SOFTWARE\kenaflow\<instance-id>
With this Windows Registry key you can check wether kenaflow is installed - and in which folder it is installed.
Program Folder
kenaflow binary files, its configuration and some other files are installed in a folder on disk that we call "program folder".
The default setup path is:
C:\Program Files\kenaflow
After setup it is required to execute program mode --securing
like this:
kenaflow.exe --securing --account <service-account>
A one task this will set list, read and execute permissions for the <service-account>
on the program folder.
The program mode --securing
can be executed multiple times if the instance has multiple service accounts for execution.
Program Data Folder
_kenaflow needs to store data files during execution to a folder we call "program data folder".
The instance ID is used as part of the sub folder name.
E.g.:
C:\ProgramData\kenaflow\instance_74dcd84e-8bb3-44ba-b2b4-402d2e63b667
After setup it is required to execute program mode --securing
like this:
kenaflow.exe --securing --account <service-account>
A one task this will set list, read, create, write, delete and execute permissions for the <service-account>
on the program folder.
The program mode --securing
can be executed multiple times if the instance has multiple service accounts for execution.
http(s) Endpoints
kenaflow is able to receive data from "remote" systems such as SharePoint - or other third party applications. (Please read Remote Event for details.)
Therefore kenaflow offers http(s) endpoints.
These endpoints need to be secured.
After the installer has run you need to execute --securing
to do this.
The cmdlet opens the endpoint http://+:<port>/<instance-id>
for "All Authenticated Users".
Therefore the following command is executed by the program mode --securing
:
netsh http add urlacl url=http://+:<port>/<instance-id> listen=yes user="NT Authority\All Authenticated Users"
<port>
is configured in the global configuration.<instance-id>
is optional. It's usage is configured in the global configuration.
If multiple instances of kenaflow are running on the same machine, then