none
windows service startup fails when domain controller is not reachable RRS feed

  • General discussion

  • I have a windows service which runs under a domain user account (service account) on a windows 10 20H2 (Build 19042.1165) machine.
    This account is added to the group policy "Logon as a service".
    If the domain controller is reachable (network cable plugged in) and I start the windows service it successfully starts up and is running. 
    If the network cable is unplugged (domain controller not reachable) and I start the windows service then it fails with the error message:

    The service"xxxx"on"LocalComputer"could not be started. 
    Error1057:The account name is not allowed or does not exist, or the password is invalid for the specified account name.

    How I can achieve that the service starts up successfully?


    Thursday, October 7, 2021 6:50 AM

All replies

  • I would like to provide you the best article from Microsoft support. Check out this article I hope this may resolve your Windows service startup fails error.

    https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/service-startup-permissions

    Friday, October 8, 2021 6:59 AM
  • I went through the article but it doesn't help / answer how I can achieve a successful startup if the domain controller is not available.

    Monday, October 11, 2021 5:50 AM
  • Please change local account logon desktop, start netlogon service and server,workstation。


    Monday, November 8, 2021 8:36 AM
  • Hi, I have the same issue.

    Tried following the suggested article, however did not manage to resolve it.

    Any other advice from someone who can help?

    Tuesday, November 9, 2021 6:43 AM
  • My tip:

    You can run the service using a built-in account, like NT AUTHORITY\NETWORK SERVICE ou NT AUTHORITY\NT SERVICE. They are local accounts. Network Service has network access (his permissions are that given to computer object in Active Directory), while NT SERVICE don't.

    You can also use LOCAL SYSTEM (or SYSTEM), however, this account has full computer access - please review security implications.

    How to change: Go to Service, open the Service properties, and on "Log On" tab, select "This Account". Then write or browse for account name.

    Hope this help. Let us know if it works.

    Good luck!

    Marcelo


    Marcelo Lucas Guimarães
    MCP, MCTS, MCDBA, MCITP
    Twitter: @mlucasg7
    Blog: http://mlucasg.wordpress.com


    • Edited by MarceloLGuimaraes Wednesday, November 10, 2021 11:05 AM Extend explanation
    Wednesday, November 10, 2021 10:01 AM
  • My tip:

    You can run the service using a built-in account, like NT AUTHORITY\NETWORK SERVICE ou NT AUTHORITY\NT SERVICE. They are local accounts. Network Service has network access (his permissions are that given to computer object in Active Directory), while NT SERVICE don't.

    You can also use LOCAL SYSTEM (or SYSTEM), however, this account has full computer access - please review security implications.

    How to change: Go to Service, open the Service properties, and on "Log On" tab, select "This Account". Then write or browse for account name.

    Hope this help. Let us know if it works.

    Good luck!

    Marcelo


    Marcelo Lucas Guimarães
    MCP, MCTS, MCDBA, MCITP

    Lucky to read this article, this is amazing, thanks for sharing! you try! 
    https://coloring-pages.io/



    • Edited by colorman4 Tuesday, November 16, 2021 9:05 AM
    Tuesday, November 16, 2021 9:03 AM
  • Yes, you are right but but this is very difficult and as a developer I can not do this work. I was view website about writing service and the developer did this work on that site very nicely. You can also visit this site and take help to complete your translation work.
    Friday, November 26, 2021 2:00 PM
  • Yes, you are right but but this is very difficult and as a developer I can not do this work. I was view website about writing service and the developer did this work on that site very nicely. You can also visit this site and take help to complete your translation work.
    Friday, November 26, 2021 5:02 PM
  • Some time ago I had a similar situation. Unfortunately, I did everything from scratch, it is a pity that I did not find these answers earlier.
    Sunday, November 28, 2021 8:49 PM
  • I suggest you the best article from Microsoft Community support. Check out this article This may surely resolve your Windows service startup fails error.

    https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/service-startup-permissions

    Friday, December 3, 2021 9:50 AM
  • I tried instructions in this forum. These instructions does not help, please share further details to help.
    Sunday, December 5, 2021 6:02 PM
  • I tried permissions and it worked, this could be helpful. You can try reading this link. https://docs.microsoft.com/en-us/troubleshoot/windows-server/system-management-components/service-startup-permissions
    Sunday, December 5, 2021 6:03 PM
  • i dint anything about this blog
    Tuesday, December 7, 2021 4:48 PM
  • Remember that when you change permissions at service level your are changing the security and IAM access to these services. It has some implications in your environment. So, if the service has dependencies from AD and you change the permissions locally... You are making changes in the security of the resources that are running under that service. It could be a risk.
    Friday, December 10, 2021 10:45 AM
  • I also wanna know about this , suffering from the same issue ............
    Monday, January 3, 2022 3:59 AM
  • same here
    Saturday, January 8, 2022 9:14 AM
  • When the DNS associated with the machine running ADSelfService Plus do not contain the necessary information. In such cases, you need to add the Domain Controllers manually. 
    Monday, January 10, 2022 6:01 AM
  • have you found the solution?

    GO for it

    <a href="https://www.ultimateenergy.com.au/10kw-solar-system/>solution</

    Please post the answer if you have got.

    Tuesday, January 11, 2022 12:09 AM
  • The domain controller is unreachable from the client because of a firewall or. NTP, the Windows time service, must be running on the domain controller.
    Wednesday, January 12, 2022 11:32 AM