Details
-
Improvement
-
Resolution: Unresolved
-
Major
-
4.5.1, 4.6.0
-
Couchbase Server Enterprise 4.5.1
Couchbase Server Enterprise 4.6
Description
On Windows 2008 (r2) / 2012 (r2), Couchbase Service start up using Local System account otherwise it will result error.
What have done
- tested with build in virtual account, network service account, and local service account.
- * All return error and no log in Couchbase logs
See Windows Event logs
Windows_Couchbase_Crash_Events.evtx
—
Different Windows Account Type
Virtual accounts - Started in Windows Server 2008 R2 and Windows 7 are "managed local accounts" that provide the following features to simplify service administration:
No password management is required.
The ability to access the network with a computer identity in a domain environment.
Network Service – The NetworkService account is a predefined local account used by the service control manager. This account is not recognized by the security subsystem. It has minimum privileges on the local computer and acts as the computer on the network. The NetworkService account has the following privileges:
• SE_CHANGE_NOTIFY_NAME
• SE_CREATE_GLOBAL_NAME
• SE_IMPERSONATE_NAME
• Any privileges assigned to users and authenticated users
Local Service – The LocalService account is a predefined local account used by the service control manager. This account is not recognized by the security subsystem. It has minimum privileges on the local computer and presents anonymous credentials on the network. The LocalService account has the following privileges:
• SE_CHANGE_NOTIFY_NAME
• SE_CREATE_GLOBAL_NAME
• SE_IMPERSONATE_NAME
• Any privileges assigned to users and authenticated users
Local System – The LocalSystem account is a predefined local account used by the service control manager. This account is not recognized by the security subsystem. It has extensive privileges on the local computer, and acts as the computer on the network. Its token includes the NT AUTHORITY\SYSTEM and BUILTIN\Administrators SIDs; these accounts have access to most system objects. The name of the account in all locales is .\LocalSystem. The name, LocalSystem or ComputerName\LocalSystem can also be used. The LocalSystem account has the following privileges:
• SE_AUDIT_NAME
• SE_CHANGE_NOTIFY_NAME
• SE_CREATE_GLOBAL_NAME
• SE_CREATE_PAGEFILE_NAME
• SE_CREATE_PERMANENT_NAME
• SE_DEBUG_NAME
• SE_IMPERSONATE_NAME
• SE_INC_BASE_PRIORITY_NAME
• SE_LOCK_MEMORY_NAME
• SE_PROF_SINGLE_PROCESS_NAME
• SE_TCB_NAME
Reference:
Attachments
Issue Links
- is triggering
-
DOC-2183 [Documentation] Run Couchbase on Windows Server as Service using Windows Service Account or Virtual Account
- Resolved