Service User Accounts
Each service executes in the security context of a user account. The user name
and password of an account are specified by the
CreateService function at the time the service is installed. The user name and password can
be changed by using the
ChangeServiceConfig function. You can use the
QueryServiceConfig function to get the user name (but not the password) associated with a
service object.
When starting a service, the SCM logs on to the account associated with the
service. If the log on is successful, the system produces an access token and
attaches it to the new service process. This token identifies the service process
in all subsequent interactions with securable objects (objects that have a
security descriptor associated with them). For example, if the service tries to
open a handle to a pipe, the system compares the service's access token to the
pipe's security descriptor before granting access.
The SCM does not maintain the passwords of service user accounts. If a
password is expired, the logon fails and the service fails to start. The system
administrator who assigns accounts to services can create accounts with passwords
that never expire. The administrator can also manage accounts with passwords that
expire by using a service configuration program to periodically change the
passwords.
If a service needs to recognize another service before sharing its
information, the second service can either use the same account as the first service, or
it can run in an account belonging to an alias that is recognized by the first
service. Services that need to run in a distributed manner across the network
should run in domain-wide accounts.
- Software for developers
-
Delphi Components
.Net Components
Software for Android Developers
- More information resources
-
MegaDetailed.Net
Unix Manual Pages
Delphi Examples
- Databases for Amazon shops developers
-
Amazon Categories Database
Browse Nodes Database
