Do not simply start the service under a different username or admin. (Unless your service actually requires admin privileges of course!) This is a security hole and creates a bad user experience.
The actual issue is that the service hasn't been assigned any permissions in the first place.
However, it must be noted that Microsoft didn't exactly make them easy to change - service permissions are similar to regular file permissions but unfortunately cannot be altered with a simple right click. They can however be read via:
sc.exe sdshow <service name>
And written via:
sc.exe sdset <service name> <permissions>
<service name>
is your service name.
<permissions>
is the permissions in SDDL format.
So use sdshow
to get the permissions, then sdset
to update them with your requirement(s). SDDL a cacophony of seemingly random letters beyond the scope of this post and more reminiscent of Unix than Windows.
In short instance adding the descriptor (A;;RPWP;;;WD)
would allow (A
) everyone (WD
) to start (RP
) and stop (WP
) the named service.