
Unable to authorize access to a Service Bus Namespace for service running as LocalSystem or NetworkService?


I'm using Service Bus For Windows Server v1.0. I have a service which is running in the LocalSystem (NT AUTHORITY\SYSTEM) account or NetworkService (NT AUTHORITY\NETWORK SERVICE). I want to give that service manage rights on the default namespace in service bus.

I've run:

set-sbnamespace -name ServiceBusDefaultNamespace -ManageUsers "NT AUTHORITY\SYSTEM","NT AUTHORITY\NETWORK SERVICE","MY_DOMAIN\MY_USER"

With the result:

Name                  : ServiceBusDefaultNamespace
AddressingScheme      : Path
CreatedTime           : 7/19/2013 2:40:52 PM
IssuerName            : ServiceBusDefaultNamespace
IssuerUri             : ServiceBusDefaultNamespace
ManageUsers           : {nt authority\system, nt authority\network service,
                    my_user@my_domain}

But when trying to create a Queue, I get the error:

The remote server returned an error: (401) Unauthorized. Authorization 
failed for specified action: Manage..TrackingId:XXXXXXXXXXXXXXXXXXXX, 
TimeStamp:7/23/2013 9:31:31 AM

If I try to add the System Account "MY_DOMAIN\MY_SERVER$" it complains that the account doesn't exist even though this works perfectly for MS SQL Server.

If I try to run the service as MY_DOMAIN\MY_USER that works but it's not ideally what I want.

I have tried restarting the server after making the config changes.


Solution

  • You can't add the computer account "MY_DOMAIN\MY_SERVER$" as "ManageUsers" directly. However, you can set a Windows group as "ManageUsers"; this is sufficient.

    You should just

    • create a group
    • add the "MY_DOMAIN\MY_SERVER$" computer account to the group
    • use this group as "ManageUsers" in the Set-SBNamespace PowerShell command

    This worked for me.
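
The three steps above as one script, added here as an example and not part of the original answer. It assumes a domain security group created with the ActiveDirectory module (RSAT); the group name `SB-Namespace-Managers` is hypothetical, and `MY_DOMAIN`, `MY_SERVER` and `MY_USER` are the placeholders from the question.

```powershell
# Added example. Assumes the ActiveDirectory module (RSAT) and the Service Bus
# PowerShell cmdlets are both available in this session.
Import-Module ActiveDirectory

$groupName = 'SB-Namespace-Managers'   # hypothetical group name
$domain    = 'MY_DOMAIN'               # placeholder from the question
$server    = 'MY_SERVER'               # placeholder from the question

# 1. Create a dedicated security group (skip if it already exists).
if (-not (Get-ADGroup -Filter "Name -eq '$groupName'")) {
    New-ADGroup -Name $groupName -SamAccountName $groupName `
                -GroupScope Global -GroupCategory Security
}

# 2. Add the computer account (MY_SERVER$) to the group, unless already a member.
$computer = Get-ADComputer -Identity $server
$members  = Get-ADGroupMember -Identity $groupName
if ($members.DistinguishedName -notcontains $computer.DistinguishedName) {
    Add-ADGroupMember -Identity $groupName -Members $computer
}

# 3. Use the group, not the computer account itself, as a manage user.
Set-SBNamespace -Name ServiceBusDefaultNamespace `
                -ManageUsers "$domain\$groupName", "$domain\MY_USER"

# Check the result: group membership and the namespace's ManageUsers list.
Get-ADGroupMember -Identity $groupName | Select-Object Name, objectClass
(Get-SBNamespace -Name ServiceBusDefaultNamespace).ManageUsers
```

The server has to be restarted after step 2 so that its computer account picks up the new group membership. Every service running as LocalSystem or NetworkService on that server authenticates over the network as the same computer account, so all of them receive Manage rights on the namespace, not only the intended service.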