cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Veritas.com
Support

logon as a service account password keeps changing

MusicalChris
Level 3
Partner

‎11-21-2008 01:10 AM

Hi, we seem to have a problem every so often where all the Backup exec services seem to stop.  we then try to start them and the logon details are incorrec, so we go into the backup exec server service properties and look at the logon account and password and the password has changed itself to long password.  Once we have changed it back to the correct password then the service is able to start and all the others then will start ok.

 

This will then be ok for a while then the password will reset itself againand we have to go through the whole process again.

 

Any ideas why this is happening?  is it a windows issue or just a problem with backup exec services?

 

Backup exec is running on windows server 2003 and has been updated with all the latest service packs and patches.

 

Any help on this would be gratefully appreciated.

 

Thanks

 

Chris

4 REPLIES 4

asteidl
Level 2

‎12-16-2008 09:44 AM

We are having the same issue.  Did you ever get any resolution on this issue?

0 Kudos

Kevin_Cotreau
Level 6

‎12-16-2008 11:56 AM

As a matter of Windows, you can not count the ****'s and determine the length of the actual password. They intentionally do that so a potential hacker does not start knowing the lenght of the password. That is by design and not your issue.

 

You both may other issues regarding the password like possibly this, for example: If the account you use for BE has a password that changes every 90 days, for example, but you don't log out for 100 days, your BE services will continue to run until they are required to re-login for the first time after the password has expired, so they will continue to work for days 91-100 in my example. First time you stop and start the server or reboot, they would fail after day 90.

 

If this is the case, then you can either use "Users and Computers" and set that account's password to not expire, or every so often, you can go into BE Tools>Backup Exec Services and update the credentials simultaneously.

0 Kudos

asteidl
Level 2

‎01-03-2009 07:06 PM

Actually it turns out that the "logon as service" right was being overwritten by a domain policy.  Once this was corrected, we have not had any further issues.
0 Kudos

LOGIX
Level 2
Partner

‎04-21-2009 01:17 PM

asteidl is correct.

You will notice that when you "change" the service's logon as password, a popup appears indicating that the user has been granted "logon as a service" rights. That is because the service's user rights to "logon as a service" we removed. No normal process will take it upon itself to change your passwords in services.

This is because the rights have been removed (otherwise your service would have never run in the first place).
However this will reoccur because the "wizard" that grants this user ”logon as a service" for you ONLY does this in the LOCAL SECURITY POLICY.

This is fine as long as the server / PC don’t belong to a domain. If domain polices are in effect then next time you reboot the server (or at some other security audit event) IF the user does not have "logon as a service" rights in the domain policy, then the local policy will be over written (hence enforcing domain policy).
0 Kudos