views:

379

answers:

4

Hello all,

I'm trying to start a service as a user and things work fine, until I try a user that doesn't have a password. Then, it fails to start (due to log-on error).

Am I doing something wrong or is this "by design"?

The code to register this service:

 SC_HANDLE schService = CreateService( 
  schSCManager,           
  strNameNoSpaces,      
  strServiceName,           
  SERVICE_ALL_ACCESS,       
  SERVICE_WIN32_OWN_PROCESS, 
  SERVICE_AUTO_START,    
  SERVICE_ERROR_NORMAL,      
  szPath,                  
  NULL,                     
  NULL,                  
  NULL,                    
  strUser,
  (strPassword.IsEmpty())?NULL:strPassword);

Thanks in advance for any insight into this.

A: 

You need to specify an empty string, not NULL if there is no password. NULL is not a valid empty string, "" is. Probably you should just pass strPassword for the last parameter.

SC_HANDLE schService = CreateService( 
            schSCManager,           
            strNameNoSpaces,      
            strServiceName,           
            SERVICE_ALL_ACCESS,       
            SERVICE_WIN32_OWN_PROCESS, 
            SERVICE_AUTO_START,    
            SERVICE_ERROR_NORMAL,      
            szPath,                  
            NULL,                     
            NULL,                  
            NULL,                    
            strUser,

// change this line to:
            strPassword.IsEmpty() ? L"" : strPassword);
// or maybe
            strPassword);
1800 INFORMATION
Thanks - it doesn't work even if I start the service manually. Maybe something else is wrong somewhere?
dennisV
A: 

Thank you - I've tried that first actually, but to no avail.

If I start services.msc, manually go into service properties and clear the 2 password fields, then press "Apply" and try to start it, it also fails.

dennisV
+1  A: 

It may be due to an OS security requirement or security policy. Check the security policies to see if anything is relevant there.

1800 INFORMATION
It's pretty much a vanilla XP installation. I gave policies a quick look, but didn't find anything relevant, at least I didn't spot anything to do with services and log ons and passwords.
dennisV
+1  A: 

Yes, it was indeed related to the security policy. To elaborate:

http://technet.microsoft.com/en-us/library/bb457114.aspx

"If you want to disable the restriction against logging on to the network without a password, you can do so through Local Security Policy. The policy setting that controls blank password restriction can be modified using the Local Security Policy or Group Policy MMC snap-ins. You can use either tool to find this policy option at Security Settings\Local Policies\Security Options. The name of the policy is Accounts: Limit local account use of blank passwords to console logon only. It is enabled by default."

After disabling that, it all works fine.

dennisV