- What did you expect?
  Create an account
:: Home  ::  Downloads  ::  Your Account  ::  Forums  ::
Google Adsense
  • Home
  • Downloads
  • ExpectationReviews
  • Forums
  • Group29 FAQ
  • MovieReviews
  • OtherReviews
  • Stories Archive
  • Submit News
  • Top 10
  • Topics
  • Web Links
  • New at Group29
    ·Expectation Review: Captain Marvel [25]
    ·Movie Review: Captain Marvel [25]
    ·Movie Review: Incredibles 2 [25]
    ·2018 UCLA vs USC preview
    ·Expectation Review: Avengers: Infinity War [24]
    ·2017 USC vs UCLA preview
    ·Forum Topic: Update your Facebook property
    ·Web Link: WEP Key Converter
    ·Forum Topic: Why does my IPA file get saved as a zip file in IE?
    ·Web Link: BeyondCompare

    ·Rebelscum Breast Cancer Awareness Charity Patch
    ·BBC Interviews J.J. Abrams About Trek And Wars
    ·CEII: Jabba's Palace Reunion - Massive Guest Announcements
    ·Fathead's May the Fourth Be With You!
    ·Star Wars Night With The Tampa Bay Storm Reminder
    ·Stephen Hayford Star Wars Weekends Exclusive Art
    ·ForceCast #251: To Spoil or Not to Spoil
    ·New Timothy Zahn Audio Books Coming
    ·SDCC: Exclusive Black Series Boba Fett With Han In Carbonite Set
    ·Star Wars Art Exposition May 4th

    Hot trends

    Group29 Discussion Board :: View topic - Why does a Windows Service need local Administrative account
    Log in Register Forum FAQ Memberlist Search
    Ratings, Links, Free Speech and more

    Group29 Discussion Board Forum Index -> Group29 Tech Tips -> Why does a Windows Service need local Administrative account
    Post new topic  Reply to topic View previous topic :: View next topic 
    Why does a Windows Service need local Administrative account
    PostPosted: Wed Jan 19, 2005 8:28 am Reply with quote
    Joined: Jun 23, 2004
    Posts: 340


    This question comes from many company Windows Server system administrators. Why does your Windows NT/2000/2003 Service need to run as a local administrator? It is a real security nightmare, they say.

    The answer is that if it is running a DCOM service, it cannot run as the system user, as it needs to be in communication with another DCOM application. All large companies have had to make exceptions in this regard for application services running on Win32 servers.

    This (rather lengthy) article from Microsoft explains why you need to do this for some applications

    From the 1998 Microsoft Systems Journal -
    Why Do Certain Win32 Technologies Misbehave in Windows NT Services?
    by Frank Kim

    Here is what I saw in the event log for one of our applications:

    The {our application} service failed to start due to the following error:
    The service did not start due to a logon failure.

    Logon attempt with current password failed with the following error:
    Logon failure: unknown user name or bad password.

    When I looked at the Services configuration for the {our application}, it was set to log on as ./administratror.
    (Start Menu --> Settings --> Control Panel --> Administrative Tools --> Computer Management )

    I compared this with a working server. On that dev system, it was set to "Log on as Local System Account."

    I changed the service on other server to log on as Local System account. Then the service started.

    Here is an article from Microsoft entitles:
    Understanding the Distributed Object Component Model (DCOM) Architecture
    View user's profile Visit poster's website
    Why does a Windows Service need local Administrative account
      Group29 Discussion Board Forum Index -> Group29 Tech Tips
    You cannot post new topics in this forum
    You cannot reply to topics in this forum
    You cannot edit your posts in this forum
    You cannot delete your posts in this forum
    You cannot vote in polls in this forum
    All times are GMT - 6 Hours  
    Page 1 of 1  

     Post new topic  Reply to topic  

    Powered by phpBB © 2001-2003 phpBB Group
    Theme created by Vjacheslav Trushkin
    Forums ©
    Group29 Productions

    All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest (c) 2006 by Group29 Productions.

    You can syndicate Group29 Productions news with an RSS Feeder using the file backend.php

    PHP-Nuke Copyright © 2005 by Francisco Burzi. This is free software, and you may redistribute it under the GPL. PHP-Nuke comes with absolutely no warranty, for details, see the license.
    Page Generation: 0.24 Seconds

    :: HeliusGray phpbb2 style by CyberAlien :: PHP-Nuke theme by ::