LocalService Account
LocalService Account

The LocalService account is a predefined local account used by the service control manager. This account is not recognized by the security subsystem, so you cannot specify its name in a call to the LookupAccountName function. It has minimum privileges on the local computer and presents anonymous credentials on the network.

This account can be specified in a call to the CreateService function. Note that this account does not have a password, so any password information that you provide in this call is ignored. While the security subsystem localizes this account name, the SCM does not support localized names. Therefore, you will receive a localized name for this account from the LookupAccountSid function, but the name of the account must be NT AUTHORITY\LocalService when you call CreateService, regardless of the locale, or unexpected results can occur.

The user SID is created from the SECURITY_LOCAL_SERVICE_RID value.

The LocalService account has its own subkey under the HKEY_USERS registry key. Therefore, the HKEY_CURRENT_USER registry key is associated with the LocalService account.

The LocalService account has the following privileges:

  • SE_ASSIGNPRIMARYTOKEN_NAME (disabled)
  • SE_AUDIT_NAME (disabled)
  • SE_CHANGE_NOTIFY_NAME (enabled)
  • SE_CREATE_GLOBAL_NAME (enabled)
  • SE_IMPERSONATE_NAME (enabled)
  • SE_INCREASE_QUOTA_NAME (disabled)
  • SE_SHUTDOWN_NAME (disabled)
  • SE_UNDOCK_NAME (disabled)
  • Any privileges assigned to users and authenticated users

For more information, see Service Security and Access Rights.

Windows 2000:  This account is not supported.

 

 

Send comments about this topic to Microsoft

Build date: 2/4/2010

Community Content

NETWORK SERVICE , LOCAL SERVICE ,LOCAL SYSTEM accounts
Added by:Thomas Lee
accounts| Edit

Do any one know the exact difference(s) between NETWORK SERVICE ACCOUNT, LOCAL SERVICE ACCOUNT AND LOCAL SYSTEM ACCOUNT ???????
It is an ergent research I need the the answer.
plz send the answer to hmobahat@gmail.com as soon as possible.

Regards.
Hoopad.

[tfl - 11 09 09] Hi - and thanks for your post. You should post questions like this to the MSDN Forums at http://forums.microsoft.com/msdn or the MSDN Newsgroups at

http://www.microsoft.com/communities/newsgroups/en-us/. You are much more likely get a quicker response using the forums than through the Community Content. For specific help about:
Visual Studio : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.vstudio%2C&
SQL Server : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.sqlserver%2C&
.NET Framework : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.dotnet.framework
PowerShell : http://groups.google.com/group/microsoft.public.windows.powershell/topics?pli=1
All Public : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public%2C&

Having said that, they have different levels of permission. The Local System Account is all powerful, whereas Network Service Accounts have lower permissions. See the newsgroups for more information on the specifics. Sorry I can't help more.
© 2010 Microsoft Corporation. All rights reserved.   Terms of Use | Trademarks | Privacy Statement
Page view tracker
Rate the Lightweight library
x
Lightweight builds on ScriptFree (loband) by adding features you've requested: a SearchBox and default code language selection.
Do you like the SearchBox?
Do you like the tabbed code blocks?
How useful is this topic?
Tell us more.
Thanks
x
You're helping to improve MSDN Online.
Feedback
Switch View
x
Classic
Lightweight Beta
ScriptFree
Switch View