Win 2k3 run as service

I have a program that will replicate files between Wink 2k3 servers.  I have a Sever A and Server B. There is a service that needs to run in order for it to work.  I created a service account that will perform this job locally ( viceversa ).  With this local user account it does not work.

I have tested it out with my Domain Account that has admin rights and it works fine.  Files get copied from Server A to Server B.

1.Since Server A and Server B are part of a domain can I use a local account or will I need to create a domain account?
2. How will I get this none admin account to run the service and push files from Server A to Server B?
LVL 2
learn2earnAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
fpthreeConnect With a Mentor Commented:
This program you're using is called ViseVersa?
If so, I noticed many issues with user accounts associated with the vvEngine.
Have you checked with http://www.tgrmn.com on support for this product.
It sounds like it may be the service engine or possibly the program used to replicate from one machine to another.
0
 
fpthreeCommented:
When creating a service for servers to share tasks with, I personally, would recommend using a domain account for this process. My reason behind this is both servers, can use the same account for processing the tasks assigned to the services. It also helps with keeping things a little easier to manage.
If you were ever to have to trouble shoot an issue, you can resort back to a single account, instead of having to use an account for machine_name1\username and a seperate one for machine_name2\username. You could have problems with RPC which could cause issues with these services.
You don't necessarily have to create an account in the domain specific to this service.
I would just use a user with some or all domain administrative privledges.
Like a backup account or power user, etc.
0
 
learn2earnAuthor Commented:
Well we have an outside vendor that we will share this account password with.
So I want to create an account that will Serve for both purposes.

I can create a domain account but I do not what it to have admin rights.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
fpthreeCommented:
Ah, yeah.
Under those circumstances, I would definately use a domain account with restrictions.
I wouldn't use a local account to the servers. Potential exploit and a little harder to monitor.
0
 
learn2earnAuthor Commented:
For some reason the Domain Admin group is the only group that will allow this service to work.
I do not know why.
0
 
fpthreeCommented:
Make sure the user is part of the services group.
Try this document on creating service accounts.
http://technet2.microsoft.com/WindowsServer/en/library/beafe0a4-3e55-4667-b03f-b3a325e1dc801033.mspx?mfr=true
0
 
fpthreeCommented:
I know it says it's for IIS but I believe the concept is the same, you just need to associate it with the service that you have created.
0
 
fpthreeCommented:
I don't understand why you wouldn't be able to setup the service to use a logon as.
So, if you right click on your service at the server and go to the Logon Tab, you should be able
to setup the service to logon as the domain\user (enter the password, verify the password) and click apply.  You should receive a confirmation dialog stating this user has access to this service.
You may need to add this user to the Power user group. But typically this isn't necessary.
Not with my experience while performing this procedure.
0
 
learn2earnAuthor Commented:
Maybe we got lost some where.  
1. But I go into services on my Server A.
2. I go to the V Vengine service and then select the properties. This brings up several tabs.
3. I go to Log On and then I have two options Log on as ( Local System Account, or This Account).
4. I choose this account and then I put in the credentials that I created for this account ( viceversa ) which I do not want to have admin rights.
5. I start the service.  Now when I make a change to a folder on Server A it is suppose Mirror Server B. The name of the program is ( ViceVersa )  www.tgrmn.com.

But remember so far it only works when ( viceversa ) useraccount is apart of the ( domain admin group ).  I do not want it to work like that because we will be sharing this account with an outside vendor.
0
 
fpthreeCommented:
Does the user for the folder it's making changes to have access & privledges to make changes to the folder your looking to change? I think the user under this service requires access to the folders that you're attempting to make changes with. Permissions and Security from Server A & Server B should have the folder shared with access for the user within the Services in use.
0
 
learn2earnAuthor Commented:
I have added the user ( viceversa ) to both folders with full rights.
Still when I try to make a change on Server A it does not Mirror Sever B.
0
 
fpthreeCommented:
Hey Learn, I'm curious to know what it was that you found on their site which resolved the issue for you?
0
 
learn2earnAuthor Commented:
Actually I just went with a Domain Account and gave it the correct rights.
I will not share this info with the outside vendor. They will have a separte account.
If they stop and start the service it will not ask them for a password.

But thanks any way!!
0
 
fpthreeCommented:
Ah, that works. GJ
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.