User/System service

This background service can be seen as two services. The first background service is running as a user service, or user process. The second background service is running as a system service. The only difference between them is the access condition. The user process has the same access rights as the normal logged on user. The system service has the same access right as all other system services.

The background process/service has different internal components running as separate threads. Keep the components within the same process for better performance and stability. For example, avoid multiple processes accessing the same smart card reader and reading the same thing.

The available internal components
#define SRV_TRACE         trace
#define SRV_SSO_CACHE     cache
#define SRV_SSO_PKCS11    pkcs11
#define SRV_SSO_CSP       csp
#define SRV_SSO_KSP       ksp
#define SRV_SSO_PLUGIN    plugin
#define SRV_WATCH         watch
#define SRV_TS_VC         ts-register // Register VirtualChannel (will require normal user)
#define SRV_EVENT         event
#define SRV_TOKEN         token
#define SRV_CERTIFICATE   certificate
#define SRV_SCS           scs
#define SRV_NETCONTROL    netcontrol
#define SRV_TASKBAR       taskbar
#define SRV_CRYPT         crypt
Example 1. Configuration on Windows

This example is using the watch component, among others. The watch component is used to monitor the system, that is, smart card insertion or removal. Thus, it is quite natural that you want actions both for system and user.

The services run as a system service and background process on Windows. That is, as system and user .
[Service]
ActiveSystem=trace,cache,pkcs11,csp,watch
ActiveUser=watch,event,taskbar,token,certificate,netcontrol,ts-register
Example 2. Configuration on maxOS/Linux

There is currently no need for root access service on macOS or Linux, so everything will be run as a user service.

[Service]
ActiveSystem=none
ActiveUser=trace,cache,pkcs11,token,certificate,watch
Windows

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Net iD Service]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] > Net iD Service

macOS

$HOME/Library/LaunchAgents/com.secmaker.netid.monitor.plist

Linux

$HOME/.config/autostart/netid_monitor.desktop