We have a need for a Windows service to run with sufficient rights to RWD files in a directory share that is located on another server. By default the service is installed and runs as Local System account. However, this does not allow the process to access the files in the directory share on another server. Typically I've seen recommendations to use a custom active directory account; however, in our customer environments they passwords on the accounts change frequently which results in the service again not having access. Is there a way to run a Windows service under a set of credentials that is like Local System account without resorting to using a custom AD account?May we all make money in the sequel.

Hello, for service accounts you should set "password never expires" on the user account properties and change the passwored controlled sometimes. Also the password must be long and strong and NOT known to anybody except the admins. Thats the default way service accounts are handled. As you are talking about using an accountu=on multiple machines this prevents you from using managed service accounts as they are only for one machine possible with Windows server 2008 or Windows server 2008 R2.Best regards Meinolf Weber MVP, MCP, MCTS Microsoft MVP - Directory Services My Blog: http://msmvps.com/blogs/mweber/ Disclaimer: This posting is provided AS IS with no warranties or guarantees and confers no rights.

The corporate red tape to get an AD account created as "password never expires" is horrendous. It isn't unusual for the request to take months. Worse, after the account is in effect, various scripts or other such whackings will set the account back to default AD accounts in line with corporate policy. Is there any way a machine to machine trust could be established and the process could run in the context of the machine account?May we all make money in the sequel.