
Friday, October 25, 2019

Windows service accounts using Installshield msi


In a Microsoft SQL Server installation, there are 3 service accounts being created.

Can you suggest how to create a similar one for our product as well? We want to run the service with that.


Are you referring to creating a Windows account from your installer? If so, you could try the steps here:

https://helpnet.flexerasoftware.com/installshield23helplib/installshield23helplib.htm#helplibrary/Create-SetUserAccount.htm

or here:

https://helpnet.flexerasoftware.com/installshield23helplib/installshield23helplib.htm#helplibrary/PredeterminedUserAccounts.htm

Or are you referring to creating an account in your product / application from your installer?

If you observe, installations like SQL Server will create some service accounts, not normal user accounts.
These accounts don't have any user sessions, and they won't be visible in "Users and groups" in Control Panel.
Please find the screenshot attached for reference.

These are called service accounts.
Please let us know how to create a service account using InstallShield and use it in the Windows service we create with the installer.

Thank you for your reply.

Here is a post that I found about NT SERVICE:

https://superuser.com/questions/884988/what-is-nt-authority-and-nt-service

Here is an excerpt from that post:

NT SERVICE\ (S-1-5-80-...) is the prefix used for "virtual accounts". When specifying the account to run a service named MyService as, you can enter "NT SERVICE\MyService" with no password, and it will run in a separate security context, for which you can set up permissions elsewhere.

Here is a post that I found about virtual accounts:

https://www.itprotoday.com/windows-78/q-how-do-i-create-and-use-virtual-accounts-windows-7-and-windows-server-2008-r2

Here is an excerpt from that post:

A. There's no management or creation of Virtual Accounts, you just use them by configuring the service to use the account "NT SERVICE\" with no password set. This setting is in the Log On tab of the service properties, which is accessed through services.msc. There are no other actions required. Like the Network Service account, there's no password management required and the passwords are reset automatically.

When you enter the account name for the logon, the service name must be the true service name and not the service description. Look at the General tab of the service for the service name and you must type that after NT SERVICE\, as shown here.

Note: As far as I can tell, NT SERVICE\TestService needs to be used if the service name is TestService. I believe that what is after the \ needs to match the service name. I did not specify any password in the Services view of the project.

I attached a ZIP file, containing my test project, to the support ticket itself. You'll need to include your own service to test with my test project.
http://www.mediafire.com/file/rain3ibwkjp4yna/TestServiceTest.ism/file




Now I am able to create the service with this option.
But earlier we used NT Service\SYSTEM, and it has all the privileges.
Now I am getting access denied errors with my service.
Any idea how to give permissions to this virtual service account (with the same name as the service)?

You could try something like what is described in the post here:

http://zarez.net/?p=3187

Please give that a try. Does that work for you?
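
The following is an added example, not part of the original thread or of the linked posts: one way to switch an installed service to its virtual account and grant that account only the file-system access it needs, instead of going back to a fully privileged account. It assumes the service name `TestService` from the thread; the data directory path is a hypothetical placeholder.

```powershell
#Requires -RunAsAdministrator
# Added example. Assumptions: the service 'TestService' is already installed,
# and C:\ProgramData\TestService is a hypothetical directory it must write to.
$ServiceName = 'TestService'
$DataDir     = 'C:\ProgramData\TestService'   # hypothetical path
$Account     = "NT SERVICE\$ServiceName"      # must match the true service name

# Fail early if the service name is wrong (display names do not work here).
Get-Service -Name $ServiceName -ErrorAction Stop | Out-Null

# Show the per-service SID (S-1-5-80-...) that ACL entries will resolve to.
sc.exe showsid $ServiceName

# Point the service at its virtual account; no password is supplied.
sc.exe config $ServiceName obj= $Account
if ($LASTEXITCODE -ne 0) { throw "sc.exe config failed: exit code $LASTEXITCODE" }

# Grant Modify on the data directory only, inherited by subfolders and files.
if (-not (Test-Path -Path $DataDir)) {
    New-Item -ItemType Directory -Path $DataDir | Out-Null
}
$acl  = Get-Acl -Path $DataDir
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule(
    $Account, 'Modify', 'ContainerInherit,ObjectInherit', 'None', 'Allow')
$acl.AddAccessRule($rule)
Set-Acl -Path $DataDir -AclObject $acl

# Verify both changes before restarting the service.
$startName = (Get-CimInstance Win32_Service -Filter "Name='$ServiceName'").StartName
$granted   = (Get-Acl -Path $DataDir).Access |
    Where-Object { $_.IdentityReference.Value -eq $Account }
"Service logs on as : $startName"
"ACL entries granted: $(@($granted).Count)"

# The new logon account takes effect on the next service start.
Restart-Service -Name $ServiceName
```

Repeat the ACL step for each resource that produced an access denied error (other folders, registry keys), granting the narrowest right that makes the service work.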

