On 06/13/2012 06:32 PM, Florian Pflug wrote:
> Some further googling indicates that, yes, the service account passwords
> are stored in the registry, but are only accessible to the LocalSystem
> account [2]. Querying them from the postgres installer thus isn't really an
> option. But what you could do, I guess, is to offer the user the ability to
> change the password, and using the approach from [1] to update the affected
> service definitions afterwards.
Yep, that fits with how MS SQL server does things:
"Always use SQL Server tools such as SQL Server Configuration Manager to
change the account used by the SQL Server Database Engine or SQL Server
Agent services, or to change the password for the account. In addition
to changing the account name, SQL Server Configuration Manager performs
additional configuration such as updating the Windows local security
store which protects the service master key for the Database Engine.
Other tools such as the Windows Services Control Manager can change the
account name but do not change all the required settings."
http://msdn.microsoft.com/en-us/library/ms143504.aspx
--
Craig Ringer
POST Newspapers
276 Onslow Rd, Shenton Park
Ph: 08 9381 3088 Fax: 08 9388 2258
ABN: 50 008 917 717
http://www.postnewspapers.com.au/
