Cannot start windows service, error logon failure.
But
- account is on the domain and in local admin group and has service logon policy set.
- the password has been reset and account is not locked out.
- the service works on another machine on the same domain that I do not have access to.
- setting account details by the command line with sc works fine, but can not start service.
- even rebooted the machine.
why
I was tasked with creating a custom service that was installed on a server in our old domain and ran with a dedicated account. It worked perfectly and everyone was happy.
A couple of weeks a go we all moved to a new domain and the older server was decommissioned. The new server had the older service installed along with a new domain user to execute the service. The code I wrote failed because the server had new components on it. This was logged in the services custom event log, very clear, missing dll.
Rebuilt the service with newer components and tried to get the owner to deploy it, they refused until I had it working locally with the new domain service runner user account.
Using my personal domain account on my machine to execute the service runs fine. Any attempt to start it with the domain account gives logon failure.
I was able to run
sc qc SERVICENAME
sc query SERVICENAME
sc queryex SERVICENAME
on both my machine and the server that works and they are identical.
I used
sc config SERVICENAME obj= NEWDOMAIN\ACCOUNTNAME password= PASSWORD
to ensure that there was absolutely no way I was entering the password incorrectly. Additionally I got the domain admins to reset the password and ensure the account is not locked out.
Why on this one machine can I not run this service as this domain user?
- Service works with other user on this machine.
- Service(old version) executes on target server with same domain user.
