0

I've installed the ServiceControl Management Utility and I'm trying to add an instance.

I would like to run the instance under a service account because we use SQLServer transport but pmthe installation page I get the error "Invalid password".

The account is hosting another windows service on the same machine.

I've tried other admin accounts and creating the instance through the UI and Powershell scripts.

I'm 200% sure the password is correct.

Is there anyway I can increase the logging to determine what is failing?

Strangely, I can change the service account under the initial install and it works.. I was eventually able to get the service running using an SQL login but I would prefered to use integrated security and not keep the username and password in the connection string.

Kye
  • 5,919
  • 10
  • 49
  • 84
  • Is the account you're using a Domain or a Local Account? – Peter Nov 04 '15 at 03:10
  • No there is currently no 'secret extra' logging – Peter Nov 04 '15 at 03:11
  • I'm not really sure what you mean by this "But I was reqiured to a SQL login to our database and stuff around a little more then I wanted." can you please expand on it for me? – Peter Nov 04 '15 at 03:12
  • Hi Pete. It's a domain service account. Can you explain why the installer believes the password is incorrect? Is it checking some particular permission or trying some operation? – Kye Nov 04 '15 at 04:10
  • I was able to get it working using an SQL Login. – Kye Nov 04 '15 at 04:10
  • The installer is actually validating the login by using the supplied account details. If that doesn't work then it will fail validation. So it is attempting to initiate that login attempt under the interactive user's credentials (i.e. you) So if there is anything that might prevent your account from impersonating the Domain Service Account you might run into trouble. Basically, you have to be a local administrator of the machine you are installing on? – Peter Nov 04 '15 at 04:31

2 Answers2

1

This is code that does the validation.

public bool CheckPassword(string password)
       {
           if (Domain.Equals("NT AUTHORITY", StringComparison.OrdinalIgnoreCase))
           {
               return true;
           }
           var localAccount = Domain.Equals(Environment.MachineName, StringComparison.OrdinalIgnoreCase);
           var context = localAccount ? new PrincipalContext(ContextType.Machine) : new PrincipalContext(ContextType.Domain);
           return context.ValidateCredentials(QualifiedName, password);
       }

So in a multi-domain environment it might run into trouble.

Raise a bug here and we will be able to give you a better response.

Peter
  • 7,792
  • 9
  • 63
  • 94
1

A patch that addresses this bug has been released. See - https://github.com/Particular/ServiceControl/releases/tag/1.7.3. Thanks Kye for making us aware of the issue

Greg Bielleman
  • 161
  • 1
  • 4