I want to run the service Collector Sidecar as another user on Windows because it runs as Local System by default which can be dangerous.
I give the following rights to the user:
- full control on C:\Program Files\Graylog
- full control on C:\Program Files\nxlog
- full control on the security descriptor of the nxlog service
- GPO: Act as part of the operating system
- GPO: Bypass traverse checking
- GPO: Log on as a batch job
- GPO: Log on as a service
- GPO: Replace a process-level token
However it does not work.
When I click on Start service from services.msc, Windows says error 1053 the service timeout.
It only works with the nxlog service.
If I put my user in the administrators group then everything works fine.
Do you have any ideas ?
Can I have some information about what the installer exactly do ? Where can I find the source of the installer ?
Files are only created in the installation path ?
Does it requires an other directory to work ? For example a temporary directory ?