Installation problem on Windows XP

Vinny Abello vinny at tellurian.com
Sat Jun 9 06:20:08 UTC 2007 

Danny Mayer wrote:
> Vinny Abello wrote:
>> You need to install BIND using an account with administrative privileges
>> but specify a non privileged account for it to run under. They are two
>> different things. Login to the workstation with an account that you are
>> sure has rights to install software. It sounds like the install program
>> cannot create the necessary keys in the registry for the service.
>>
> 
> BINDInstall creates the account for you if it doesn't exist and sets the
> privileges appropriately. The account used to install BIND needs to have
> privileges but the account used for the named service needs restricted
> privileges which the installer creates for you. You need to set the
> permissions on the created directories in order for named to write files
> to when running since that account is what is used to access and write
> the files.
> 
> Technically you are correct in the sense that user accounts are stored
> in the registry though most people don't know that. That part of the
> registry needs special privileges to add accounts.

I was actually referring to the fact that non privileged accounts cannot
create registry keys in HKLM\SYSTEM\CurrentControlSet\Services. I
thought the installer couldn't create the service. I see what you mean
and what I initially missed is that the installer is erroring out
because the non-privileged account already exists since Simon created it
manually.

It's been so long since I installed a new copy of BIND from scratch. I
always update my existing copies where the account already exists and
the installer doesn't complain. :)

> 
> Danny
> 
>> Simon Renshaw wrote:
>>> Hi,
>>>
>>> I'm trying to install the latest version of bind but I'm having some
>>> problems.
>>>
>>> I want to install it on a Windows XP Pro SP2 machine that is part of a
>>> domain.
>>>
>>> I've read the readme file where it states that I need to use a user with
>>> restricted rights to install it.
>>>
>>> First, I created a normal user in the domain and I tried to log with it.
>>> I got a "unable to create service account" error.
>>>
>>> Then I created a local restricted user on the machine and I still got
>>> the "unable to create service account" error.
>>>
>>> I've looked at the site and the doc but I haven't found detailed
>>> installation instructions.
>>>
>>> So, what should I do?
>>>
>>> Thanks!
>>> Simon
>>>
>>>
>>>
> 
> 
> 
>

More information about the bind-users mailing list