- Downloads
- Misc
- Download BOINC for Windows Domain Controllers
BOINC for Windows Domain Controllers
Latest
November 14th, 2016
-
8.4 MB
boinc_5_x64_windows_server.zip
MD5:
FDC3D6DA77C4CFA5E53A0762FEF681D4
SHA1:
9D7E959C616B914A3D0CF60973AC22661EC7ADD6
SHA256:
C51544D8C6E707BDC9D300AE30084EA5210671940C8D8A4D5F7F8CB4642DD3DC
Downloaded:
1,448 times
(11.9 GB)
See this thread for more info: https://www.techpowerup.com/forums/threads/boinc-for-windows-domain-controllers.227815/
This specific version of BOINC is recommended by Stanford for installation on Windows Servers acting as a domain controller. The installer for BOINC 6 and newer creates a separate user account for BOINC to run in and this action is forbidden on domain controllers.
The problem with using BOINC 5 is that the security certificate (required for HTTPS) is expired so it cannot communicate with Stanford’s servers («SSL Connect» error).
After you install the included BOINC 5 on the domain controller, you must stop the service/exit BOINC, then replace the version 5 certificates with the updated ones included in this ZIP archive. To install them, make sure to completely stop BOINC then extract them, overwriting the existing files, to where BOINC is installed (usually C:\Program Files\BOINC).
It is vital that ca-bundle.crt overwrites the preexisting ca-bundle.crt because the file the security certificate that comes with BOINC 5.10.45 is expired. Once the files are overwritten, remember to start up BOINC again and verify that BOINC can communicate with Stanford’s servers without error.
Version History
Message 1924394 — Posted: 14 Mar 2018, 1:08:47 UTC
Last modified: 14 Mar 2018, 1:11:22 UTC
So I’ve been running BOINC v5.10.45 which, as far as I know, is the last version of BOINC explicitly compatible with Windows DCs. Ageless had told me that it was possible to upgrade to a newer version, however, whenever I tried I would get an error message as it attempted to create a local «boinc_master» user account. Of course, there’s no local sAMAccount database on a domain controller since it hosts Active Directory for accounts for the entire domain.
On a whim I decided to upgrade to BOINC v7.8.3 as a regular install (non-service), then I tried using the SC.EXE command line tool to manually create a service, however, there is no way to add a command line option to the service when using SC.EXE. I could point to the BOINC.EXE, but I couldn’t add the -daemon parameter needed for a service install.
So instead, I turned to PowerShell to create a service with a parameter. Not sure how helpful this will be to others since I doubt most people will be running BOINC on a DC, but here’s my code free to share:
[CmdletBinding(SupportsShouldProcess=$True)]
Param
(
[Parameter(Mandatory=$True)]
[string]$ServiceName,
[Parameter(Mandatory=$True)]
[string]$Path,
[Parameter(Mandatory=$False)]
[string]$Parameter,
[Parameter(Mandatory=$False)]
[string]$DependsOn,
[Parameter(Mandatory=$False)]
[string]$DisplayName,
[Parameter(Mandatory=$False)]
[string]$Description
)
Write-Host -ForegroundColor Cyan `n"Add-WindowsService by OzzFan"`n
#Check to make sure script is running elevated
If ([bool](([System.Security.Principal.WindowsIdentity]::GetCurrent()).Groups -match "S-1-5-32-544") -eq $true)
{
#Set error action preference to catch errors
$ErrorActionPreference = 'Stop'
#Set registry path
[string]$regPath = "HKLM:\System\CurrentControlSet\Services"
#Check if path to executable is valid
If (Test-Path -Path $Path -PathType Leaf)
{
#Check if service already exists
If ([bool](Test-Path -Path "$regPath\$ServiceName" -PathType Container) -eq $false)
{
Try
{
New-Item -Path "$regPath" -Name "$ServiceName" -ItemType Key | Out-Null
New-ItemProperty -Path "$regPath\$ServiceName" -Name "ImagePath" -Value "`"$Path`"" -PropertyType "ExpandString" | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
If ($PSBoundParameters.ContainsKey('Parameter'))
{
Try
{
Set-ItemProperty -Path "$regPath\$ServiceName" -Name "ImagePath" -Value "`"$Path`"","$Parameter" -Force | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
}
If ($PSBoundParameters.ContainsKey('DependsOn'))
{
Try
{
New-ItemProperty -Path "$regPath\$ServiceName" -Name "DependsOnService" -Value "$DependsOn" -PropertyType "MultiString" | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
}
If ($PSBoundParameters.ContainsKey('DisplayName'))
{
Try
{
New-ItemProperty -Path "$regPath\$ServiceName" -Name "DisplayName" -Value "$DisplayName" -PropertyType "String" | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
}
If ($PSBoundParameters.ContainsKey('Description'))
{
Try
{
New-ItemProperty -Path "$regPath\$ServiceName" -Name "Description" -Value "$Description" -PropertyType "String" | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
}
Try
{
New-ItemProperty -Path "$regPath\$ServiceName" -Name ObjectName -Value LocalSystem -PropertyType "String" | Out-Null
New-ItemProperty -Path "$regPath\$ServiceName" -Name ErrorControl -Value 1 -PropertyType "Dword" | Out-Null
New-ItemProperty -Path "$regPath\$ServiceName" -Name Start -Value 2 -PropertyType "DWord" | Out-Null
New-ItemProperty -Path "$regPath\$ServiceName" -Name Type -Value 16 -PropertyType "DWord" | Out-Null
}
Catch
{
Write-Host -ForegroundColor Red "$($_.Exception.Message)"
Remove-Item -Path "$regPath\$ServiceName" -Force
Return
}
Write-Host -ForegroundColor Green `n"Script complete. Restart the system before starting the service."`n
}
Else
{
Write-Host -ForegroundColor Red "Service name $ServiceName already exists"`n
}
}
Else
{
Write-Host -ForegroundColor Red "Could not locate $Path"`n
}
}
Else
{
Write-Host -ForegroundColor Red "This script requires elevation"`n
}
Save this script as Add-WindowsService.ps1 and make sure to run it from an elevated command prompt. Not sure if there’s an easier way, but this was my solution.
An example command line might look like this:
.\Add-WindowsService.ps1 -ServiceName BOINC -Path «C:\Program Files\BOINC\boinc.exe» -Parameter «-daemon» -DisplayName BOINC -Description «Downloads, executes, and uploads BOINC tasks»
You should upgrade or use an alternative browser.
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#1
-
- Aug 10, 2005
-
- 7,024
-
- 526
-
- 136
-
#2
Probably need to create the boinc users as well. From what I’ve read, the installer is the problem, not boinc itself.
IDK, it’s been a long time since I’ve messed around with windows server.
-
- Aug 25, 2001
-
- 56,570
-
- 10,203
-
- 126
-
#3
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#4
It’s not really a security risk, since it’s a small office that I fully administer and just want to keep all of those cores doing something instead of sitting there doing nothing at all except acting as a glorified file server. Unfortunately, running in a VM would let me use newer BOINC clients but could potentially cause problems if the server ever actually needs the CPU power and can’t have it because BOINC in the VM won’t know that it’s supposed to go idle/suspended.
It does work fine with the 5.10.45 client on the projects that support the older client. I just thought I’d ask to see if anyone knows of a way to make the 7.x client work. If not, I’ll stick with 5.10.45 and let the server work on those projects even when they aren’t my primary focus at the time.
Last edited:
-
- Apr 2, 2004
-
- 7,199
-
- 128
-
- 106
-
#5
As I understand it, the problem is that the newer BOINC clients want to use a local user account for the service
If you do not run BOINC as a service does it still want a local user account? (I guess I never understood the advantages of running as a service)
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#6
To answer the first part of the question, I’m not sure. I want it to run as a service, but I might remove the client and try to reinstall the new version as a normal program instead of a service just to see if it works..
Last edited:
-
#7
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#8
I’d rather run the old client on all 12 CPUs for a limited number of projects instead of in a VM with a bigger list of projects but only a few CPU cores available..
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#10
Security risks are a small concern, so I only run well established apps on the idle office machines (no beta/small/new projects at all) and I might do a VM just for better security but it hurts to think that some of those beautiful cores wouldn’t be put to proper use…
On a side note, the Xeon E5 CPUs are pretty impressive. This server is a Dell T320 with a Xeon E5-2430L processor and under max load on all 12 cores it only draws 89 watts of total power from the wall (and 35-40 watts when mostly idle). That’s a far cry from the old dual Xeon P3-933 I used to have that turned the whole 6×10 server room/wiring closet into a sauna at times even with a dedicated AC unit.
-
#11
Getting in trouble is not a problem. It’s MY network and nobody ever touches the server except me.Security risks are a small concern, so I only run well established apps on the idle office machines (no beta/small/new projects at all) and I might do a VM just for better security but it hurts to think that some of those beautiful cores wouldn’t be put to proper use…
On a side note, the Xeon E5 CPUs are pretty impressive. This server is a Dell T320 with a Xeon E5-2430L processor and under max load on all 12 cores it only draws 89 watts of total power from the wall (and 35-40 watts when mostly idle). That’s a far cry from the old dual Xeon P3-933 I used to have that turned the whole 6×10 server room/wiring closet into a sauna at times even with a dedicated AC unit.
I’ve used quite a few T320’s out in the field to replace aging servers from 2007-2008.
-
- Oct 23, 2000
-
- 9,200
-
- 765
-
- 126
-
#12
-
#13
-
- Aug 10, 2005
-
- 7,024
-
- 526
-
- 136
-
#15
Last edited:
- Advertising
- Cookies Policies
- Privacy
- Term & Conditions
-
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Zur Übersicht
- WINSETUP: Don’t execute the custom action that creates the RebootPending.txt file in the program directory if a reboot isn’t required.
Release notes for version 6.2
New features
Improved Windows security
BOINC now offers Protected application execution:
in this mode, applications are run under an unprivileged account,
so that they cannot access your files.
NOTE: Choosing this option will require a reboot after setup has completed the installation. Setup creates several users and groups on the system and you will not be able to properly manage BOINC until after the system has been rebooted.
Windows Vista compatibility
BOINC Manager now starts up without any security warnings when you log in.
Application graphics now work in all cases.
Support for multiple selection in GUI
You can now select multiple items (projects, tasks, etc.)
and operate on them as a group.
Installing BOINC
Windows
You can set install options by clicking the «Advanced» button on the configuration screen.
The options are:
- Program directory — where BOINC’s program files will be stored.
- Data directory — where BOINC’s data files will be stored.
- Use BOINC screensaver — Use the BOINC screensaver for the current user.
- Protected application execution — Run project applications under an unprivileged account. This provides increased protection against faulty applications, but it may cause graphics to not work with older applications.
- Allow all users on this computer to control BOINC — If selected (public mode), all users can control BOINC (attach/detach projects, etc.). If not selected (private mode), the only users who can control BOINC are: the installing user, members of the Administrator group, and members of the ‘boinc_users’ group. When other users run the BOINC Manager, they’ll be shown a dialog saying to contact the administrator to add them to the ‘boinc_users’ group.
To run BOINC invisibly, choose the «Protected application execution» option,
then delete the BOINC shortcut from the Start/Programs/BOINC and Start/Programs/Startup menus
(locate BOINC in each menu, right-click, select Delete).
You can still run the BOINC Manager by going to C:\Program Files\BOINC
and double-clicking on boincmgr.exe
Mac OS X
- If your browser has not already done so, expand the zip archive by double-clicking on it in the Finder.
- Double-click on the BOINC Installer application to run the installer, then follow the prompts.
- Close the installer when it is finished. This will automatically launch the BOINC Manager.
- If you want BOINC to be your screen saver, open System Preferences from the Apple menu. Select Desktop & Screen Saver and select BOINCSaver.
Several tools for Macintosh system administrators are available to:
- Automatically run BOINC as a daemon or system service at boot time.
- Improve security for stand-alone clients.
- Prevent BOINC Manager from launching automatically when selected users log in.
Linux
Uninstalling BOINC
Windows
Select Start/Control Panel/Add or Remove Programs. Select BOINC, then click Remove.
This removes the BOINC software only;
your jobs in progress are not deleted.
To completely remove BOINC,
delete the BOINC data directory (usually C:\Documents and Settings\All Users\Application Data\BOINC on Windows XP and C:\ProgramData\BOINC on Windows Vista).
Mac
You do not need to uninstall BOINC on the Mac if you are installing a different version. The installer automatically takes care of removing the unwanted files.
To completely remove (uninstall) BOINC from your Macintosh, run the Uninstall BOINC application which is included with the installer.
NOTE: this also removes all your BOINC Data files. If you want to preserve these, rename or move the folder before running the Uninstall BOINC application. The BOINC Data folder can be found at /Library/Applications Support/BOINC Data/.
Changes from 5.10 (Windows)
Separate data directory
5.10 and older versions of BOINC stored data and program files in the same place —
typically C:\Program Files\BOINC.
This caused security problems.
6.2 stores data files in a separate directory.
When 6.2 is installed on top of an older version,
it «migrates» the data files from the old to the new directory.
When BOINC starts
If «Protected application execution» is checked,
BOINC will run as a service;
it will start when the system boots, and run even if no user is logged in.
If it is not checked, BOINC will start when any user logs in (public mode)
or when the the installing user logs in (private mode).
Shutting down BOINC
When the «Protected application execution» option is selected,
BOINC Manager no longer shuts down BOINC when you exit BOINC Manager.
To shut down BOINC, go to the Advanced menu and select
«Shut down connected client…».
Domain Controllers
This release of the BOINC software will NOT install on Domain Controllers. This will be addressed in a future version.
Changes from 5.10 (Linux)
boinc_cmd & boinc_mgr
Both BOINC Manager and BOINC command line tool names has been changed to ‘boincmgr’ and ‘boinccmd’ respectively to bring them in line with the other platforms.
Download the installer,
then double-click the installer icon.
Install options
You can set install options by clicking the «Advanced» button on the configuration screen.
The options are:
- Program directory — where BOINC’s program files will be stored.
- Data directory — where BOINC’s data files will be stored. This will be a hidden directory; its location is shown in the BOINC start up messages.
- Use BOINC screensaver — Use the BOINC screensaver for the current user.
- Service install — Run project applications under an unprivileged account. This provides increased protection against faulty applications, but it prevents BOINC from using your GPU, and it may cause graphics to not work with older applications.
- Allow all users on this computer to control BOINC — If selected (»public mode»), all users can control BOINC (attach/detach projects, etc.). If not selected (»private mode»), the only users who can control BOINC are: the installing user, members of the Administrator group, and members of the ‘boinc_users’ group. When other users run the BOINC Manager, they’ll be shown a dialog saying to contact the administrator to add them to the ‘boinc_users’ group.
Running BOINC invisibly
To run BOINC invisibly, choose the «Service install» option,
then delete the BOINC shortcut from the Start/Programs/BOINC and Start/Programs/Startup menus
(locate BOINC in each menu, right-click, select Delete).
You can still run the BOINC Manager by going to C:\Program Files\BOINC
and double-clicking on boincmgr.exe
Error recovery
If you get an error error 1714 — the old installation can’t be removed when installing a new
version of BOINC:
- Reinstall the previous version.
- Uninstall the previous version.
- Install the new version again.
Uninstalling BOINC
In the Windows search box (lower left corner) type ‘Apps & Features’. Select BOINC, then click Uninstall.