Re: Windows Service - Event Log

I'm talking about the predefined "Service accounts", these are "SYSTEM" or
'localsystem', 'Local Service' and 'Network Service' In the early day's of
NT4, all services ran under localsystem, since then MSFT learned a lesson,
that is Services where the preferred target for the bad guy's, especially
those who ran with 'interact with the desktop'.
Since then, they added the least privileged 'Service accounts' and advised
to run the services using one of the least privileged "service accounts",
that is 'Local Service or Network Service'. And on Vista, all (system
supplied) services run under one of these Service accounts.
Whether you run a service under another account is up to you, but a system
admin right in it's mind will never allow a service to run as Administrator
or as an account with administrative privileges, he will always apply the
"Least Privilege" security principle.


Willy.



"Kevin Spencer" <uce@xxxxxxx> wrote in message
news:%23Qd9%23UqmGHA.3732@xxxxxxxxxxxxxxxxxxxxxxx
| Every Windows Service runs under a specific user account, which is
assigned
| to it, either by the developer when creating the installation for the
| service, or by an administrator/authorized user via the Services snap-in.
| So, there is no single user account under which all Windows Services run.
|
| --
| HTH,
|
| Kevin Spencer
| Microsoft MVP
| Professional Chicken Salad Alchemist
|
| Big thicks are made up of lots of little thins.
|
|
| "Willy Denoyette [MVP]" <willy.denoyette@xxxxxxxxxx> wrote in message
| news:ukrN0JomGHA.3352@xxxxxxxxxxxxxxxxxxxxxxx
| >
| > "Tim Van Wassenhove" <timvw@xxxxxxxxxxxxxxxxxxxxx> wrote in message
| > news:e8Jsf8lmGHA.2280@xxxxxxxxxxxxxxxxxxxxxxx
| > | On 2006-06-27, pisquem@xxxxxxxxxxx <pisquem@xxxxxxxxxxx> wrote:
| > | > I am building an windows service that is to be deployed on a windows
| > | > server 2003 and I want to have activity written to the event log, I
| > | > want its own log called ('CustomLog')
| > | >
| > | > Below is what I have so far...its builds fine but when I go to start
| > | > the service i get the following error.
| > |
| > | When i tried that (on a default windows 2003 installation) i
experienced
| > | a problem with access rights. If i remember well, i had to give the
| > | 'network' user access rights to the registry keys..
| > |
| >
| > What registry key's?
| > The "Network Service" account is a restricted service account with
| > sufficient privileges to write/read to/from the eventlog, if you elevate
| > it's privileges, you break what it was designed for.
| >
| > Willy.
| >
| >
|
|


.

Relevant Pages

  • Re: Lost Administrator Privileges
    ... works fine now and I realized that you can't add another user account without ... making it an administrator and thereby losing your actual Administrator off ... the kids have a full privilege user account. ... I logged in in Safe mode but still can't change the ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Cannot log in to XP
    ... Can I assume you're talking about the password for your user account? ... should find programs that will reset the Administrator password, ... I was given an older Dell laptop with XP pro on it. ...
    (microsoft.public.windows.mediacenter)
  • Re: forgot password
    ... I never set up an administrator account because my name was the ... If you are talking about your user account password in XP, ... boot the computer into Safe Mode. ...
    (microsoft.public.windowsxp.basics)
  • Re: forgot password
    ... I never set up an administrator account because my name was the ... If you are talking about your user account password in XP, ... boot the computer into Safe Mode. ...
    (microsoft.public.windowsxp.basics)
  • Re: Running as Administrator (was Re: Need help w/BootX icon)
    ... Who else could be administrator? ... administrator account. ... Remember that some files in Mac OS X are owned by the ... A new user account sheet appears. ...
    (comp.sys.mac.comm)