2
我有一个NServiceBus 3.0发行者在域服务帐户下运行。发布者没有外部依赖关系,本地唯一的依赖关系是输入队列和ravendb。Windows服务权限
我已授予了输入队列服务帐户的完全控制。
当我添加服务帐户到本地管理员组的服务启动正常。如果我从本地管理员删除服务帐户,我在系统日志中收到一个错误在启动时:
The BlahBlahBlah service failed to start due to the following error:
Access is denied.
如果我期待在安全日志中的以下4项写入:
注册1 :
A logon was attempted using explicit credentials.
Subject:
Security ID: SYSTEM
Account Name: MYSERVER$
Account Domain: MYDOMAIN
Logon ID: 0x3e7
Logon GUID: {00000000-0000-0000-0000-000000000000}
Account Whose Credentials Were Used:
Account Name: svc_AppPrototype
Account Domain: MYDOMAIN
Logon GUID: {a224c91b-adce-3a5b-ca32-32265f073d2b}
Target Server:
Target Server Name: localhost
Additional Information: localhost
Process Information:
Process ID: 0x1ec
Process Name: C:\Windows\System32\services.exe
Network Information:
Network Address: -
Port: -
条目2:
An account was successfully logged on.
Subject:
Security ID: SYSTEM
Account Name: MYSERVER$
Account Domain: MYDOMAIN
Logon ID: 0x3e7
Logon Type: 5
New Logon:
Security ID: MYDOMAIN\svc_AppPrototype
Account Name: svc_AppPrototype
Account Domain: MYDOMAIN
Logon ID: 0x9c6bfc2
Logon GUID: {a224c91b-adce-3a5b-ca32-32265f073d2b}
Process Information:
Process ID: 0x1ec
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name: MYSERVER
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
条目3:
Special privileges assigned to new logon.
Subject:
Security ID: MYDOMAIN\svc_AppPrototype
Account Name: svc_AppPrototype
Account Domain: MYDOMAIN
Logon ID: 0x9c6bfc2
Privileges: SeImpersonatePrivilege
条目4:
的帐户被注销。
Subject:
Security ID: MYDOMAIN\svc_AppPrototype
Account Name: svc_AppPrototype
Account Domain: MYDOMAIN
Logon ID: 0x9c6bfc2
Logon Type: 5
所有参赛作品在服务启动过程中被记录下来。
我的问题是什么明确的权限,我需要设置,而无需在本地管理员的服务帐户启动此服务?