Create a local service user

 

Request:

Create a service user that will be used to run the Password Secure Server service.

 

Requirement:

Administrator access to the server with the right:

• Create user.
• Change the local security policy.

 

Implementation:

To open Local Users and Groups, please run "lusrmgr.msc".

• right mouse button on the Start menu (point 1).
• Select Run with the left mouse button (point 2).

• lusrmgr.msc (point 1).
• confirm with "OK" (point 2).

• Select user folder (point 1).
• right click to open the submenu (point 2).
• to create a user select "New user" (point 3).

Enter the username and password and confirm with "Create".

In our example the

username: svc_passwordsecure

Full name: Netwrix Password Secure

Description: Service account

We never let the password never expire.

 

Now we add the user to the "Administrators" group.

• Select the group folder (point 1).
• Open the Administrators group (item 2).
• Add the service user (point 3).
• and confirm with "OK" (item 4).

 

The user can also be created with PowerShell and added to the Administrators group.

$username = "svc_passwordsecure"
$password = Read-Host -AsSecureString
New-LocalUser -Name $username -Password $password -FullName "Netwrix Password Secure" -Description "Service account"
Add-LocalGroupMember -Group Administrators -Member $username

When using this PowerShell script, you will be prompted to enter a password for the service user. If you do not want the password to expire, this must be set.

 

After that, the user must be given the right "Log on as service".
To open the Local Security Policy, please run "secpol.msc".

• enter secpol.msc (point 1).
• confirm with "OK" (point 2).

• Select Local Policies (point 1).
• User Rights Assignment (point 2).
• Log on as a service (point 3).

• Add the user (point 1).
• User has been added (point 2).
• confirm with "OK" (point 3).

Now the service user can be used to run the server as a service user.