Cannot open service on

Question

Scenario

There is a windows service installed as Local System on a server Machine 1 . The service has some methods to perform on timely basis.

There is a WCF web service running as Network Service identity on IIS at a different server Machine 2.

The following is a code snippet written in WCF web service of Machine 2 to call the Windows service on Machine 1.

            ServiceController service = new ServiceController("Windows Service Name", "Machine 1");
            if (service != null)
            {
                service.ExecuteCommand((int)SimpleServiceCustomCommands.WallCacheRefresh);
            }

When ever the above code is executed, there isan exception thrown.

Exception:

Type : System.InvalidOperationException.

Message : Cannot open service name service on computer Machine 1.

Additional Info: Message : Access is denied.

Tried Settings

Configuration 1

Changing the identity of WCF service to Local System.
Windows service is Local System

Configuration 2

WCF service is Network Service
Windows Service is Local Service
to the service exe, right click => Security => added network service as a user => and gave all permissions.

Configuration 3

WCF service is network system.
windows service is local service
Run => services.msc => select service => right click => properties => Log on => Allow service to interact with desktop is selected.

Configuration 4

WCF service is network system.
windows service is local service
Run => services.msc => select service => right click => properties => Log on => select this account => added Network Service as a user without password.

Configuration 5

WCF service is Network Service
Windows Service is Local Service
to the service exe, right click => Security => added Machine 2 in the users for access=> and gave all permissions.

None of the above scenarios worked.

Please help out.

Thanking in advance

score 0 · Answer 1 · edited May 23 '17 at 12:29

A service running under the Network Service account on one machine will be identified on any other machine to which it connects as the machine account for the machine it is running on.

So, on machine 1, you should set permissions for machine 2 to access the windows service.

Or, my own preference, would be to pick a different means for the two services to communicate. Communicating via the service control manager seems a little clunky.

NetworkService:

A service that runs in the context of the NetworkService account presents the computer's credentials to remote servers.

The permissions that you need to be setting are on the service's security descriptor - not on the exe file. See this question (which is about non-admins, but similar considerations apply) for various ways to adjust the security descriptor.

have also tried the configuration that you asked for. Forgot to detail it here. Have edited the question and added it as Config 5. But Still it did not work — Ravi Sankar Rao, Feb 14 '14 at 09:30
@RaviSankarRao - see edit. The permissions on the service's exe file are irrelevant for this. — Damien_The_Unbeliever, Feb 14 '14 at 09:38

Cannot open service on

1 Answers1