Curles, Michael L
2004-09-21 15:57:04 UTC
Hi,
I have the need for servlet access to pull information off a network drive. The servlet works fine when Tomcat
is started from a "console window" but fails when Tomcat is started as "service." I would rather run Tomcat as a
"service" if possible.
I see that by default, all Tomcat "services" are registered to run as the system user (the LocalSystem account). The LocalSystem account has no privileges to your network via any Windows-secured mechanism.
I found some Apache documentation for setting up servlet network services access that stated the following:
"You may want to create a separate account for running Apache service(s). Especially, if you have to access network resources via Apache, this is strongly recommended.
1. Create a normal domain user account, and be sure to memorize its password.
2. Grant the newly-created user a privilege of 'Log on as a service' and 'Act as part of the operating system.'
On Windows NT 4.0 these privileges are granted via User Manager for Domains, but on Windows 2000 and XP you
probably want to use Group Policy for propagating these settings.
3. Confirm that the created account is a member of the Users group.
4. Grant the account read and execute (RX) rights to all document and script folders
(htdocs and cgi-bin for example).
5. Grant the account change (RWXD) rights to the Apache logs directory.
6. Grant the account read and execute (RX) rights to the Apache.exe binary executable."
I have tried to duplicate this procedure for Tomcat thinking this will resolve my network access problem
via a servlet. I'm using Windows 2000 and XP and are unable to locate the 'log on as service' and 'act as part of
the operating system' menu references mentioned above...
I'm using Tomcat 5.0.28 on Windows 2000 and XP at the moment...
Any ideas on resolving this issue would be appreciated...
Regards,
Mike
I have the need for servlet access to pull information off a network drive. The servlet works fine when Tomcat
is started from a "console window" but fails when Tomcat is started as "service." I would rather run Tomcat as a
"service" if possible.
I see that by default, all Tomcat "services" are registered to run as the system user (the LocalSystem account). The LocalSystem account has no privileges to your network via any Windows-secured mechanism.
I found some Apache documentation for setting up servlet network services access that stated the following:
"You may want to create a separate account for running Apache service(s). Especially, if you have to access network resources via Apache, this is strongly recommended.
1. Create a normal domain user account, and be sure to memorize its password.
2. Grant the newly-created user a privilege of 'Log on as a service' and 'Act as part of the operating system.'
On Windows NT 4.0 these privileges are granted via User Manager for Domains, but on Windows 2000 and XP you
probably want to use Group Policy for propagating these settings.
3. Confirm that the created account is a member of the Users group.
4. Grant the account read and execute (RX) rights to all document and script folders
(htdocs and cgi-bin for example).
5. Grant the account change (RWXD) rights to the Apache logs directory.
6. Grant the account read and execute (RX) rights to the Apache.exe binary executable."
I have tried to duplicate this procedure for Tomcat thinking this will resolve my network access problem
via a servlet. I'm using Windows 2000 and XP and are unable to locate the 'log on as service' and 'act as part of
the operating system' menu references mentioned above...
I'm using Tomcat 5.0.28 on Windows 2000 and XP at the moment...
Any ideas on resolving this issue would be appreciated...
Regards,
Mike