Jump to content
  • Advertisement
Sign in to follow this  
  • entries
    375
  • comments
    1136
  • views
    298594

Service process account install gotcha

Sign in to follow this  
superpig

476 views

Here's a little something that had me stumped for 15 mins. The info on the net about it is pretty sparse so maybe this will help somebody.

I was trying to install the GDNet service processes on the backend server. Every service process needs its own user account - it makes security, auditing, and SQL Server access a lot neater. Normally when you install a service process that uses a user account, you get prompted for the username and password of the account the service should use. I want the installs to be unattended, so I hardcoded the usernames and passwords into each service process:


[RunInstaller(true)]
public class RendererServiceInstaller : System.Management.Instrumentation.DefaultManagementInstaller
{
public RendererServiceInstaller()
{
var process = new ServiceProcessInstaller
{
Account = ServiceAccount.User,
Username="GDNET\v5_render",
Password = "xxxxxxxxxxxxxxxxxx"
};
var service = new ServiceInstaller
{
DisplayName = "GDNet V5 Rendering Service",
Description = "Service that renders GDNet XML into XHTML for output to users.",
ServiceName = "V5Renderer"
};

Installers.Add(process);
Installers.Add(service);

var evtLog = new EventLogInstaller {Source=RendererService.EventLogSourceName, Log="GDNet" };
Installers.Add(evtLog);
}
}



When I tried running InstallUtil to install the service, though, I got this error:


System.ComponentModel.Win32Exception: No mapping between account names and security IDs was done


I'd granted the accounts in question the 'Log on as a service' and 'Log on locally' rights, I could start processes as them by hand over remote desktop, so what was the problem?

Look at the username I'm using: it's a domain account, so it's in the form DOMAIN\accountname. Look at what's separating those two components. It's a backslash. Backslashes are special in C# (and many other languages). As far as the compiler was concerned, the account name wasn't 'GDNET\v5_render', it was 'GDNET', then a vertical tab, then "5_render".

Sticking an @ on the front of the username string has fixed it.
Sign in to follow this  


2 Comments


Recommended Comments

IIRC C# allows you to escape a backslash as well, so an alternative fix would be to set the string to "GDNET\\v5_render". Of course, using @ makes things a bit more readable, and lessens the chances that someone skimming the code will misinterpret the username.

Share this comment


Link to comment

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Advertisement
×

Important Information

By using GameDev.net, you agree to our community Guidelines, Terms of Use, and Privacy Policy.

We are the game development community.

Whether you are an indie, hobbyist, AAA developer, or just trying to learn, GameDev.net is the place for you to learn, share, and connect with the games industry. Learn more About Us or sign up!

Sign me up!