HOWTO: How the Service Control Manager Manages Passwords

ID: Q149641

The information in this article applies to:
  • Microsoft Win32 Application Programming Interface (API), used with:
    • Microsoft Windows NT versions 3.51, 4.0
    • Microsoft Windows 2000

SUMMARY

Services have the ability to run in the security context of an ordinary user account. In order for a service to do this, the Service Control Manager needs the name and password of the account in which it is to run.

The Service Control Manager keeps two copies of a user account's password, the current password and the backup password. The first time you install a service, the password given to the Service Control Manager is stored as the current password and the backup password is not initialized.

When the Service Control Manager attempts to log the service in the security context of the user account, it uses the current password. If the current password is successful, it is also saved as the backup password. If the user account's password is modified with ChangeServiceConfig() or the Services control panel applet, the modified password is stored as the current password and the previous current password is stored as the backup password. When an attempt is made to start the service, the Service Control Manager uses the current password. If the current password fails, the Service Control Manager uses the backup password. If the backup password is successful, it becomes the current password.


MORE INFORMATION

If the Service Control Manager cannot start the service in the security context of the user account with the current password, the following event log entry is logged into the system log: 


Event ID    = 7013
Source      = Service Control Manager
Type        = Error
Description = Logon attempt with current password failed with the
              following error: Logon failure: unknown user name or
              bad password.
If the Service Control Manager cannot start the service in the security context of the user account with the backup password, the following event log entry is logged into the system log: 

Event ID    = 7014
Source      = Service Control Manager
Type        = Error
Description = Second logon attempt with old password also failed with
              the following error: Logon failure: unknown user name or
              bad password.

Additional query words:

Keywords : kbKernBase kbWinOS2000 kbSCM kbService kbDSupport kbGrpKernBase
Version : winnt:3.51,4.0
Platform : winnt
Issue type : kbhowto


Last Reviewed: January 6, 2000
© 2000 Microsoft Corporation. All rights reserved. Terms of Use.