The Scheduler Service is a Devolutions Server component in charge of several features of Devolutions Server:
- Active Directory Cache
- Activated through the Devolutions Server web UI in Administration – Server Settings – Authentication – Domain – Settings – Enable cache feature.
- Entra ID cache
- The scheduler is used if the Entra cache is active.
- PAM Heartbeat (checkout processing, password rotation)
- Mandatory when using PAM features.
- Backup Manager
- Mandatory when the Backup Manager is enabled through the Devolutions Server web UI in Administration – Backup – Backup Manager, either for:
- Enable database backup.
- Enable web backup.
- Mandatory when the Backup Manager is enabled through the Devolutions Server web UI in Administration – Backup – Backup Manager, either for:
- Notifications
- Mandatory when any Notification is set.
- Automated Reports
- Mandatory when enabled. Set in the Devolutions Server web UI in Reports – Configuration – Scheduled Reports. Click the "+" icon to add a new Scheduled Report.
- Syslog Heartbeat
- Mandatory when Syslog logging is enabled through the Devolutions Server web UI in Administration – Server Settings – Logging – Log to Syslog server.
- Automatic Log Cleanup
- Mandatory when Automatic Log cleanup is enabled through the Devolutions Server web UI in Administration – Logs – Cleanup Logs – Enable automatic cleanup.
Configuration and Requirements
The Scheduler is a Windows Service. It is installed from the Devolutions Server Console Install Scheduler. The Scheduler will be installed and available from the Windows Services Console, DevolutionsSchedulerService.
This service requires access to the Devolutions Server database and to specific locations on the file system. Depending on whether Devolutions Server is configured to use Integrated Security or SQL accounts, different settings must be applied.
Refer to the VaultDBSchedulerService account in Pre-Deployment Account Survey.
When using Integrated Security
- The Scheduler will use the identity set to the account in Windows Services (services.msc).
- The AD service account requires the Read permission on the encryption key file (
\App_Data\encryption.config). - The AD service account also requires a Read permission for the NetFrameworkConfigurationKey container from theNET’s RsaProtectedConfigurationProvider.
Refer to Encrypting the web.config File.
When using SQL Accounts
- The identity used against the database is set in the Devolutions Server Console in Server – Edit – Database, Scheduler Service.
- The service runs by default with Network Service. This account cannot decrypt a web.config file by default, and it is not recommended to do so without proper knowledge.
Refer to Encrypting the web.config File.
Enable Scheduler Logging
- In the Devolutions Server web UI, go to Administration – Server Settings – Logging.
- Check Log debug information, then specify a Scheduler log path to store the log files. The folder location is relative to the scheduler service (*C:* is the C drive of the server).
- Save your changes before leaving the Logging section.
- If it is not already the case, configure the identity running the scheduler so that it has the Write permission since it must write in the folder.
- Restart the Scheduler Service.