Microsoft KB Archive/149641

{|
 * width="100%"|

HOWTO: How the Service Control Manager Manages Passwords

 * }

Q149641

-

The information in this article applies to:


 * Microsoft Win32 Application Programming Interface (API), used with:
 * the operating system: Microsoft Windows NT, versions 3.51, 4.0
 * the operating system: Microsoft Windows 2000

-

SUMMARY
Services have the ability to run in the security context of an ordinary user account. In order for a service to do this, the Service Control Manager needs the name and password of the account in which it is to run.

The Service Control Manager keeps two copies of a user account's password, the current password and the backup password. The first time you install a service, the password given to the Service Control Manager is stored as the current password and the backup password is not initialized.

When the Service Control Manager attempts to log the service in the security context of the user account, it uses the current password. If the current password is successful, it is also saved as the backup password. If the user account's password is modified with ChangeServiceConfig or the Services control panel applet, the modified password is stored as the current password and the previous current password is stored as the backup password. When an attempt is made to start the service, the Service Control Manager uses the current password. If the current password fails, the Service Control Manager uses the backup password. If the backup password is successful, it becomes the current password.

MORE INFORMATION
If the Service Control Manager cannot start the service in the security context of the user account with the current password, the following event log entry is logged into the system log:

Event ID   = 7013 Source     = Service Control Manager Type       = Error Description = Logon attempt with current password failed with the following error: Logon failure: unknown user name or             bad password.

If the Service Control Manager cannot start the service in the security context of the user account with the backup password, the following event log entry is logged into the system log:

Event ID   = 7014 Source     = Service Control Manager Type       = Error Description = Second logon attempt with old password also failed with the following error: Logon failure: unknown user name or             bad password.

Additional query words:

Keywords : kbKernBase kbOSWin2000 kbSCM kbService kbDSupport kbGrpDSKernBase

Issue type : kbhowto

Technology : kbAudDeveloper kbWin32sSearch kbWin32API