Hi Arun,

It was implemented according to the description. If I add the service user to the local administrators group, everything works perfectly.

If I remove it again, I only get a white web page. So it must be a local problem (the database is therefore correct).

The following was done:
- Service account stored on the "Intel® EMA Platform Manager" service
- Write permissions for the service account on:
     -> LOG folder
     -> C:\inetpub\wwwroot\web.config
     -> C:\Program Files (x86)\Intel\Platform Manager\Runtime\MeshSettings\app.config
     -> C:\Program Files (x86)\Intel\Platform Manager\Runtime\MeshSettings\connections.config
- Read access to the certificates
- New application pool with stored service account

After restarting IIS, the w3wp.exe process runs under the new service account as described.

After the Windows updates last night, I discovered today that all folders and files in the wwwroot folder had been deleted. I was able to reproduce this myself:
As soon as the "Intel® EMA Platform Manager" service is restarted, all files are gone.

Regards
Stefan

Hi Arun

1) Intel EMA Version = 1.14.3
2) Number of EMA servers = 1
3) Total number of endpoints = 0 (No endpoints have been added yet. Currently, Intel EMA has only been installed.)
4) Please let us know if the IIS service user has access to the EMA database and holds the proper role = db_datareader, db_datawriter, db_owner, Public

After making the adjustments, the "Intel® EMA Platform Manager" service can no longer be started.
If I add the service user to the local administrators group, it works perfectly.
However, I then encounter the problem that when the server is restarted, the "C:\inetpub\wwwroot" folder is empty.

Regards
Stefan

On Event Viewer i found this:

Event ID: 1026

Application: PlatformManagerServer.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.ArgumentNullException
at System.IO.FileSystemWatcher..ctor(System.String, System.String)
at PlatformManagerServer.PlatformManagerAutomator..ctor(PlatformManagerServer.PlatformControllerServer)
at PlatformManagerServer.PlatformControllerServer.Init()
at PlatformManagerServer.PlatformManagerService.Initialization()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()

and:

Event ID: 1000

Faulting application name: PlatformManagerServer.exe, version: 1.14.3.0, time stamp: 0x681e89d1
Faulting module name: KERNELBASE.dll, version: 10.0.26100.4652, time stamp: 0x730de2a8
Exception code: 0xe0434352
Fault offset: 0x00000000000c7f9a
Faulting process id: 0x2434
Faulting application start time: 0x1DBFA0E5E27A932
Faulting application path: C:\Program Files (x86)\Intel\Platform Manager\Platform Manager Server\PlatformManagerServer.exe
Faulting module path: C:\WINDOWS\System32\KERNELBASE.dll
Report Id: e73aac34-81c0-4316-8b2d-051e0ea46488
Faulting package full name:
Faulting package-relative application ID:

Hi Anrun

The SQL database is located on a central SQL Server. Access with the service user works perfectly, as far as I can tell.

If I remove the service user from the local administrators group on the web server with IIS, it no longer works. This allows me to prevent SQL access.

I'm on vacation starting Friday and will be happy to get back to you afterwards.

Regards

Stefan

Hi Arun

From my perspective, I've already done this.

Here's the situation again:
A database for Intel EMA was created on the central Microsoft SQL Server during setup.
After creating the database, the service user was entered in SQL under Login and granted the necessary rights to the Intel EMA database.

On the service server with the IIS for Intel EMA (new server only for Intel EMA), the adjustments were made according to the "Intel® Endpoint Management Assistant" PDF (e.g., read access to certificates, application pool, etc.).

Conclusion: The website remains white.

If I add the service user to the local administrators group on the service server, everything works perfectly.

I noticed that when I follow all the instructions in section 1.4.9, the "Intel® EMA Platform Manager" service can no longer be started.
If I add the service user back to the local administrators group, the website opens again, and login works.

I am now on vacation for 2 weeks and would be happy to be able to solve the problem afterwards

Regards

Stefan

Hi Arun

I am now back from vacation and the problem still exists.

We're going around in circles.

In order for the website to display and for me to log in to Intel EMA with my own domain user, the service user must be stored in the local Administrators group.
Then everything works perfectly.

If I restart the "Intel® EMA Platform Manager" service (the log-on user is the same as the one stored in the database), everything under wwwroot is deleted except for the Views folder and the web.config file.
-> This means that after a server restart (e.g., automatic Windows updates), everything is deleted, and the website is no longer displayed.

Unfortunately, the specified time of 8:00 a.m. to 5:00 p.m. PST is outside of my working hours.

Who else can help me with this? Are there Intel technicians in Europe?

Regards

Stefan

Hi Arun

I could arrange it next Monday or Tuesday at 4:00 p.m.

Regards
Stefan

Hi Arun

Tuesday, August 19, 2025, at 4:00 PM (GMT+2, Swiss Time)

Note: No agents have been created or clients connected yet. The only issue is that if I remove the service user's local administrator rights, the website for administration is no longer available (white page, no error message, and the Intel Service no longer starts).

Regards
Stefan