How do I fix the error:1069 - The service did not start due to logon failure?

Asked 2/9, 2014 at 8:33 Answered 27/4 at 13:33

I have written my own windows service which interacts with a SQL database and updates it. The service was running fine and seems to be functioning correctly, however of late it seems to go down at random times and cannot restart due to the error designated in the question. I have tried various searches to fix this, but unfortunately I have come up with nothing. The aim is to eventually having this service running on my companies server, but I can't adjust any server settings, I am but a user on the server, so I have restrictions to some settings.

Any quick fixes, would be helpful!

Sweepstakes answered 2/9, 2014 at 8:33 Comment(0)

Open the Services Manager. ( Win + R, then type services.msc )
Then right click on the SQL Server process and click Properties

Then go to Log On, and select This account:
Then click Browse, and add your username in the box. (Notice it should contain the domain, in my case is AD\myusername), then Check Names and accept.
Finally type your password in the other two fields, and that's it, you should have permission to start your process now.

Cheers!!

Industry answered 22/1, 2019 at 18:50 Comment(3)

Thank you @Roberto Rodriguez – Macymad 23/9, 2020 at 16:0

And then your company's domain password policy forces you to change you password and the service will no longer start again (until you update the service properties). Maybe OK for a development machine but not for production use. – Astrosphere 29/6, 2022 at 19:28

@BruceLoth Actually my dev environment is where this is a problem lol. I restart the Oracle services regularly and constantly need to refresh the user that the domain policy wiped out. Any advice to permanently add the user? Or, to add the user as a .bat file command? – Lurdan 24/6, 2023 at 22:47

Error 1069 is vague and can have different causes. I am sharing my experience here.

I encountered this error when trying to get a service to run under my account (I am trying to get my services to see the same LocalDB as interactive processes running on my account for development purposes). I use an MSA (Microsoft Account) with Windows’s PIN login normally, so I rarely enter my Windows password. To resolve the issue, I locked my screen, selected Password input instead of PIN input, and then entered my password. I assume this somehow reminded Windows what my password was and made my local account more legit.

Before doing this, you need to configure the user account in question to have the Logon as Service privilege. To do this, open the Group Policy Editor. Expand Computer / Windows Configuration / Security Configuration / Local Policies / User Permissions Assignment and then open Login as Service. From there, you can add your user in question.

Ultramundane answered 28/2, 2019 at 15:11 Comment(3)

In Server 2016, Windows offered to do this for me when I configured the service to run under that account; however, this answer helped me verify that it did so. Thanks! – Comedietta 21/6, 2019 at 17:18

I'm probably having the same issue, but can't make it work, tried everything you said, Windows still throws error 1069 on me. – Smithson 17/6, 2020 at 13:20

Adding account to 'Logon as Service' helped me with this error. Thank you! – Chokefull 26/7, 2021 at 16:36

One issue for us was the format of the account user name, we initially used

domain\username

and got the 1069-logon error, then ultimately I tried validating the user name in the properties | logon tab of the Service (in Control Panel / Service Manager), using the "Browse" and "Search" for the user name and it turned it suggested and validated ok with the reverse format

username@domain

This also worked and resolved the 1069 error, and let us script the startup using sc.exe.

Punak answered 31/8, 2015 at 8:29 Comment(3)

Hey Mosca, Did you get exact root cause why username@domain is accepted and why domain\username is not accepted? – Eyre 20/2, 2019 at 7:49

I guess the service is not able to find out the user rights behind the 'domain\username' format, and it can with the @ format – Penelopepeneplain 9/5, 2019 at 13:53

Wow. I am still in shock that this worked. This "re-enter user name and Check Names" feels like the "turn it off and back on again" of the administration world. My service ran correctly the first time, but then could not run on startup. Now it does. Thank you! – Spokeswoman 26/5, 2022 at 20:22

also check for "Deny Logon service" policy. user should not be added over there

Plafker answered 26/9, 2019 at 14:31 Comment(1)

This was the issue on my server. The user was part of a group that was added to "Deny log on as a service". – Christabella 6/4, 2020 at 12:4

We had this issue as well because the account was set so that the password expired. After we updated the account to not expire and set the password this error stopped.

Sha answered 15/8, 2017 at 2:53 Comment(1)

Yeah, we had a password-related problem when the Domain Administrator password was changed, and a service was set to use that account specifically. The service ran happily until the server was restarted some time later. – Misteach 16/7, 2018 at 8:15

The account could also be locked out. To unlock it, you only need to change that user's password (new and old password can be the same).

What also worked for me was re-entering the password in the services->LogOn window. Even when you think the account and password is correct, re-entering it will re-grant the account permission to log on as a service.

Addictive answered 6/12, 2022 at 11:14 Comment(0)

One other possibility: if you are using a gMSA account that has just been created, remember that you need to install the service account on the running box (Install-ADServiceAccount).

Gorki answered 2/3, 2023 at 14:34 Comment(0)

To anyone else still struggling with this problem it's more-or-less because you use a PIN to sign in on Windows instead of a password.

For whatever reason your Windows Hello PIN will not work for Service Logon or /runas etc. In fact, you may only have a Windows Hello PIN!

After many days of struggling with this, here's my solution. Follow these steps in order.

(Have a password) Open Settings -> Accounts -> Sign-in options. "Password" option likely isn't showing or available. Scroll down to Additional settings and untoggle "For improved security, only allow Windows Hello sign-in for Microsoft accounts on this device". Close and Reopen Settings and go back to the Sign-in options. The password option should now show. Set one if you haven't. If it says
(Disable password expiration) More on this later and it may or may not be necessary, but I did it during the process and I can see it having an effect. Open Group Policy Editor (gpedit.msc) and go to Computer Configuration -> Windows Settings -> Security Settings -> Account Policies -> Password Policy. On the right pane should list "Maximum password age" likely set to 42. Set it to 0.
("Activate" the password) Click the Start Button -> Your User Icon -> And click Sign out (not Lock!). Log back in using your PASSWORD. If it's asking you to log in with your pin, click Sign-in Options under the field and you should see the option to.

Viola - That password should now work for runas, service logon as, etc.

I believe what's going on is Microsoft is trying to go passwordless even on Windows user profiles and it's somewhat shooting themselves in the foot in terms of compatibility. The password would 'expire' in terms of it being used for any authorization and then you only have a PIN left, which is a good thing as a PIN would be easily bruteable. Logging in with the Password enabled instead of the PIN effectively re-activates it and allows it to be used for authorization again.

Arrogance answered 25/8, 2023 at 18:16 Comment(0)

In my case, I just updated the windows account password which used for the agent and then inserted the new password at services - sql server agent - properties - account password

Aubree answered 27/4 at 13:33 Comment(0)

Recommended topics

Hot tags