Windows and FireDaemon Pro services can be run under various user credentials. These user credentials are known as Service User Accounts. By default, FireDaemon Pro services run as the user LocalSystem. It is possible to configure FireDaemon Pro services to run with local or domain user credentials. This is especially useful if you do not want to run a service with high level of privilege or you need a service to be able to access specific local or network resources. Additionally, FireDaemon Pro will only run a service under an alternate Service User Account if a password has been set. Hence, it's not possible to run a FireDaemon Pro service under alternate credentials with a blank password.
FireDaemon Pro can import and export service definitions in XML format. By default, FireDaemon Pro does not export the Service User Account password. This is by design. Service User Accounts are often privileged and it's inadvisable to export the password in clear text.
From an automation perspective, it is important to include the Service User Account password when importing FireDaemon Pro Service Definition Files. If a password is not supplied then the service will fail to start with a Logon failure. To resolve this, you can edit the FireDaemon Pro Service Definition File to include the password. To do this, edit the XML Service Definition File in question with an XML aware text editor (such as Notepad++) and include the AccountPassword directive in the Logon Section per the screen shot below. Note that the Account Name can take several forms including:
- Local machine account (eg. .\account)
- Domain account (eg. DOMAIN\account for account@domain)
- Standalone Managed Service Account or MSA (eg. DOMAIN\account$)
- Group Managed Service Account or gMSA (eg. DOMAIN\account$)
For more information please consult the FireDaemon Pro Users Guide. Specifically the sections that relate to the Settings Tab and Logon Credentials as well as the entire section dedicated to Importing and Exporting XML Service Definition Files.