如何将新服务帐户引入现有C＃Windows服务

Question

I have a windows service that is currently running as LocalSystem. At this point it cannot acess a network drive that it needs to. (I've been substituting local drive for testing).

Now I have a newly created service account for me that has been given permisions to the shared drive.

I am not sure how to "cut over" my C# app to use this new service account going forward.

Once I do, will this new account appear under the 'Log On As' column when viewing the service from the service panel?

thanks for any assistance.

Answer 1

1. Windows Key + R
2. Type services.msc
3. Right click service and select "Properties"
4. Select "Log On" tab on the dialog
5. Select "This account" radio button
6. Enter account information for your newly created domain account (eg, mydomain\\myaccount).

The account that you enter must have "Log on as a service" privileges per the Local Security Policy (%windir%\\system32\\secpol.msc /s); windows usually prompts you automatically when performing the above steps.

Also, don't forget the basics. The account must have at least read file system permissions to your service executable.

And yes, this account will appear in the "Log On As" column when this is set correctly.

Finally, it's been a few iterations of windows / active directory versions since I've done this kind of thing. It's possible that there are additional delegation-type security settings that may need to be set in active directory / on the local machine to allow the service running as the domain account access a drive on a remote share. Perhaps some tweaks to the local firewall might need to be made as well.