发表新帖
发表新帖

Using SC.exe to set service credentials password fails

后端 未结
关注
8 1070
野性不改
野性不改 2020-12-10 14:05

I know this question has been asked in the past, but a satisfactory answer has not been provided.

I am using the SC command to config the credentials for a service.<

相关标签:
8条回答
  • 庸人自扰
    2020-12-10 14:23

    When you configure a service to run under a specific account via the normal route from the service properties windows automatically grants the account the log in as service right. When you use sc.exe you also have to grant the user the log on as service right.

    Log On As Service Right

    0 讨论(0)
  • 温柔的废话
    2020-12-10 14:33

    Besides stopping the service before making the changes, and granting the user permission to logon as a service, I also had to add the type= own parameter, otherwise it would fail with:

    [SC] ChangeServiceConfig FAILED 87:

The parameter is incorrect

    So this is the command that worked:

    SC.EXE config "ServiceName" type= own obj= "domain\user" password= "password"

    It even worked with special characters in the password, given I had the password between double brackets.

    0 讨论(0)
  • 感情败类
    2020-12-10 14:34

    Try This. Start menu - type "local security policy" without the quotes. Open the "Local Policies", then left-click on "User Rights Assignment". On the right panel, right-click on "Log on as a service", and select "Properties". Click on "Add User or Group" and add your user. Click OK. You might have to reboot your machine.

    After adding you can set the user name and password for the service in cmd.

    0 讨论(0)
  • 隐瞒了意图╮
    2020-12-10 14:36

    Before restarting services, you should grant your user permission to logon as a service. Unfortunately, no way to do it from command line with default windows tools, but you can use small additional util ntright.exe from Windows Server 2003 Resource Kit Tools.

    Download it from https://www.microsoft.com/en-us/download/details.aspx?id=17657

    After installation you'll get a lot of tools in C:\Program Files (x86)\Windows Resource Kits\Tools (or in Program Files on 32bit machine).

    You need ntrights.exe. You can copy it and run from any place on another host.

    To grant your user required permission, you should add to your script:

    ntrights.exe +r SeServiceLogonRight -u "%DOMAIN%\%USER%"

    After that you can successfully restart services with a new user. Also there is an option to run ntrights.exe on remote host:

    ntrights.exe +r SeServiceLogonRight -u "%DOMAIN%\%USER%" -m %HOSTNAME%

    This tool helps me very much when I need reconfigure a lot of hosts remotely.

    0 讨论(0)
  • 南方客
    2020-12-10 14:38

    I had this issue. Thanks to ST's comment on the original post, I realized I needed to research how to type the password. In my case, I needed to double up the percent sign (%%) in the password.

    The link ST provided is helpful: Escaping special characters in cmd.

    0 讨论(0)
  • 醉酒成梦
    2020-12-10 14:38

    Run against this problem while doing some Powershell scripting and the issue in my case was the special characters in the password.

    Got it working by storing the password in a variable with double quotes around it:

    $servicePassword = "`"passwordWithSpecialCharacters`"" cmd /c sc config myService obj= mydomain\myuser password= $servicePassword

    Special characters are:

    ()'"$><^?

    0 讨论(0)
 看不清?
提交回复
热议问题