I created a service installer with WiX. The setup runs with InstallPrivileges="elevated". My service has to access a distant folder, so I want to specify the user attribute to be sure that the service will have sufficient privileges.
I checked the WiX documentation but I only found how to define local system as account.
How can I define a user for the service (maybe the current user)?
<ServiceInstall Id="ServiceInstaller"
Type="ownProcess"
Vital="yes"
Name="$(var.service)"
DisplayName="$(var.product)"
Start="auto"
Account="LocalSystem"
ErrorControl="normal" />
Credentials: You need to specify an account and a password, maybe something like show below (no time to test right now). Note that public properties can be set when installing from the command line using msiexec.exe or via MSI dialogs:
<..>
<Property Id="SERVICEACCOUNT" Hidden="yes" Value="MyUser"/>
<Property Id="SERVICEPASSWORD" Hidden="yes" Value="MyPass"/>
<..>
<Component>
<ServiceInstall Name="MyService" Start="auto" ErrorControl="normal" Type="ownProcess"
Account="[SERVICEACCOUNT]" Password="[SERVICEPASSWORD]" >
</ServiceInstall>
<ServiceControl Name="MyService" Start="install" Stop="both" Wait="yes" Remove="uninstall" />
</Component>
Create Local Users: If you need to create local users on the machine you install on, you can use the WiX Util features. Perhaps see this sample on github. Search for "util:User".
Mandatory preaching :-): Personally I don't like services running with user credentials - both for security reasons and for practical reasons (managing the password change process without causing major service disruptions).
More in Section 12 here: How do I avoid common design flaws in my WiX / MSI deployment solution? Please check the links as well - maybe particularly on "managed service accounts"? (step-by-step).
Some Links: