I am creating a service that needs to run on Windows 2000, XP, 2003, 2008 & Vista. The service needs to access a network share as part of its processing. For XP and beyond the service can be running as the Network Service account but what's the equivalent in Windows 2000?
+1
A:
In Windows 2000, there are no built-in principals with the required privileges, and you'll need to use a regular user account for this purpose (it does need to have the 'run as a service' privilege enabled, of course, but that's handled automagically when entering the account credentials through the service control manager user interface).
Using a named account is always a good idea, BTW: although using 'Network Service' is very convenient when deploying your service (since no user interaction is required), the network share the service connects to will also need to have access rights applied to it.
This is where you'll likely run into issues, since granting those access rights to 'Network Service' isn't very granular. In order words: not just your service, but every other service running under those credentials will have access to the share. When using a unique account to begin with, this issue is avoided.
mdb
2008-10-13 12:59:46