Wednesday, May 16, 2018

windows 7 - .postgres looses "Log on as a service" after reboot; PostgreSQL service does not start



I've installed PostgreSQL 9.1 x64 on a Windows 7 Enterprise x64 system using the usual install method. The computer has a Novell Client for Windows, and a ZENworks Adaptive Agent, which I suppose externally manages some of the users/policies for the system. I've installed postgres on several Windows computers, so I'm a bit surprised that this system is behaving differently.



When the computer reboots, the PostgreSQL Service does not startup. The full message from attempting to start the service is:





Windows could not start the postgresql-x64-9.1 - PostgreSQL Server 9.1 service on Local Computer.
Error 1069: The service did not start due to a logon failure.
Services1




I can then go to the properties for that service, in the "Log On" tab, retype the password that was originally used with the installer.



postgres service



When I click OK, a dialog appears:





The account .\postgres has been granted the Log On As A Service right.
Services2




which sounds great. I can then correctly start the PostgreSQL Service and continue on. The problem is when I reboot, I need to go to manage the service, retype the password and manually start the service again.



Viewing the "User Rights Assignment" in "Local Security Policy", I see that the "Log on as a service" is wiped after each reboot, leaving only the default "NT SERVICE\ALL SERVICES". This is what I see on a fresh reboot:




Log on as a service dialog



I can then manually add the COMPNAME\postgres user to this dialog to start the service, but it disappears on the next reboot.



Is the problem that the "Log On As A Service" privileges is wiped by the Local Security Policy, or is there something up with the Novell Client/ZENworks Adaptive Agent? Are there any other strategies to make the "Log on as a service" privileges stick for the .\postgres user?


Answer



The fix was simple. Go to the "Log On" tab for the postgres service and change the selection from "This account" to "Local System account" (second figure in my question). Works perfectly now.


No comments:

Post a Comment

linux - How to SSH to ec2 instance in VPC private subnet via NAT server

I have created a VPC in aws with a public subnet and a private subnet. The private subnet does not have direct access to external network. S...