Domain accounts running the caching service

It is well documented that you have to grant access to any client accounts that you want to use to write to AppFabric through the PowerShell Grant-CacheAllowedClientAccount command—and these of course can be Domain Accounts.

However, if you chose a Domain account to run the AppFabric caching service when you installed it, rather than a built-in account like NETWORK SERVICE, then you have to add one small attribute to any client application’s config file that communicates with AppFabric or that application cannot communicate with AppFabric successfully.

You must include the dataCacheServiceAccountType attribute on your dataCacheClient element, and set it to a value of DomainAccount as shown in the below example.

<dataCacheClientdataCacheServiceAccountType="DomainAccount"> <hosts> <hostname="127.0.0.1"cachePort="22233"/> <hostname="127.0.0.1"cachePort="22233"/> <hostname="127.0.0.1"cachePort="22233"/> </hosts> </dataCacheClient>

Even if all other configuration, permissions, and firewall rules are in place—your client applications cannot interact with AppFabric cache unless you explicitly tell them that a DomainAccount is running the service with this small configuration attribute.