Menu
I can start the service correctly if the service's "Log on" account has a password. But when I remove the user password and try again, I got the error: "Error 1069: The service did not start due to a logon failure"
Can't a service runs under an account with empty password?
999
Service accounts differ from normal user accounts in multiple ways: They don't have a password and can't be used for browser-based sign-in. They're created and managed as a resource that belongs to a Google Cloud project. In contrast, users are managed in a Cloud Identity or Google Workspace account.
A service account is a special type of Google account intended to represent a non-human user that needs to authenticate and be authorized to access data in Google APIs. Typically, service accounts are used in scenarios such as: Running workloads on virtual machines (VMs).
It has minimum privileges on the local computer and presents anonymous credentials on the network. This account can be specified in a call to the CreateService and ChangeServiceConfig functions. Note that this account does not have a password, so any password information that you provide in this call is ignored.
By default all modern versions of Windows have a Local Security policy that restricts users with blank passwords to logging on at the local console only. In other words, a user with a blank password must physically be at the computer in order to log on. The user cannot log on as a service, as a batch user, over a network, etc.
This can be changed by changing the policy under Local Policies -> Security Options. Or by changing the LimitBlankPasswordUse value under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa to zero.
But, and this is very important, this will set up a serious hole in your security since users with blank passwords will now be able to log on remotely and blank passwords are pretty easy to guess. I can't think of any reason to have a service run under an account with no password, so my recommendation would be - don't do it.
198
What version of Windowss? I believe under Windows XP at least, a service can't be run as a user with a blank password.
If you've time spare, you could try setting things like "allow interaction with desktop" on the service, and "allow log on a service" for the user.
But I think you'd be better with a password, for several reasons. Why don't you want one?
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
