Use local domain accounts as SEUM-User accounts
This section focuses on domain rights for SEUM-User accounts that provide permission to WPM Players to run transactions. To learn about configuring Orion accounts, see Adjust Orion account permissions for WPM users.
The WPM Player service uses WPM worker processes to play back recorded transactions and collect data. By default, the Orion server uses 2 worker processes; remote systems that host WPM Players use 7 worker processes. Each worker process requires its own SEUM-User account because different processes handle different transaction steps at different times.
By default, SEUM-User accounts only have local permissions. You can use the WPM Domain Accounts Configuration Tool to set up local domain accounts as SEUM-User accounts so WPM can play transactions, as described next.
Before using local domain accounts as SEUM-User accounts to play WPM transactions, your organization should internally review and assess if that methodology will make your deployment vulnerable to unauthorized access.
If you encounter WPM transaction steps with a "Not played yet" status on the Transaction Details page, check domain policy access rights to the remote system hosting the WPM Player, and review passwords for user accounts in configuration files. See this article in the SolarWinds Success Center.
You can use the SolarWinds WPM Domain Accounts Configuration Tool to set up SEUM-User accounts to allow SSO for WPM transactions that require it. Otherwise, transactions using SSO pull login information from the account that is currently logged in on the system with local credentials.
The number of domain accounts required depends on how many worker processes the WPM Player service needs, as cited in the
numWorkerProcesses entry in the
SolarWinds.SEUM.Agent.Service.exe.config file, located at
C:\Program Files (x86)\SolarWinds\Orion\SEUM\Player.
Before using local domain accounts as SEUM-User accounts to play WPM transactions, your organization should internally review and assess if that will make your deployment vulnerable to unauthorized access.
To configure SEUM-User accounts,
- Log into the system hosting the WPM Player service running transactions — either the Orion server or a remote machine.
- Use the Orion Service Manager to stop the SolarWinds WPM Playback Player service.
- Navigate to this default folder:
C:\Program Files (x86)\SolarWinds\Orion\SEUM\Player
- Save a backup copy of the
- Launch the following file as an Administrator:
- Select the "Enable domain accounts for playbacks" option.
- Provide the Domain name, Username, and Password for each account.
Note the following details about these fields:
- Do not cite the domain in the Username field — only the account name.
- Each WPM worker process handles different transactions at different times so the number of SEUM-User accounts must equal the number of worker processes on the player, which varies for each player and environment.
- Each user account must be unique; do not use the same account multiple times on the same system.
- To avoid unwanted disconnections, do not use personal domain accounts (for example, if an account logs out of an RDP session).
- Password are encrypted in the database.
- Click Validate to test credentials, and then click Save.
- Use the Orion Service Manager to restart the WPM Playback Player service.
Related troubleshooting articles available in the Success Center include: