How To How the Service Control Manager Manages Passwords (149641)
The information in this article applies to:
- Microsoft Win32 Application Programming Interface (API), when used with:
- the operating system: Microsoft Windows NT 3.51
- the operating system: Microsoft Windows NT 4.0
- the operating system: Microsoft Windows 2000
- the operating system: Microsoft Windows XP
This article was previously published under Q149641 SUMMARY
Services have the ability to run in the security context of an ordinary
user account. In order for a service to do this, the Service Control
Manager needs the name and password of the account in which it is to run.
The Service Control Manager keeps two copies of a user account's password,
the current password and the backup password. The first time you install a
service, the password given to the Service Control Manager is stored as the
current password and the backup password is not initialized.
When the Service Control Manager attempts to log the service in the
security context of the user account, it uses the current password. If the
current password is successful, it is also saved as the backup password. If
the user account's password is modified with ChangeServiceConfig() or the
Services control panel applet, the modified password is stored as the
current password and the previous current password is stored as the backup
password. When an attempt is made to start the service, the Service Control
Manager uses the current password. If the current password fails, the
Service Control Manager uses the backup password. If the backup password is
successful, it becomes the current password.
| Modification Type: | Minor | Last Reviewed: | 7/1/2004 |
|---|
| Keywords: | kbhowto kbKernBase kbSCM kbService KB149641 |
|---|
|