Vista and Windows Server 2008 increase the security on the creation of HTTP listeners (HttpListener). If you try to run the Lansweeper service under a non-administrator account as you can with Windows Server 2003, you will encounter the error below:
5/21/2009 4:00:53 PM: Access is denied
at System.Net.HttpListener.AddAll()
at System.Net.HttpListener.Start()
at LansweeperService.Listen.DoListen()
at System.Threading.ExecutionContext.Run(ExecutionContext executionContext, ContextCallback callback, Object state)
at System.Threading.ThreadHelper.ThreadStart()
To workaround this issue under Vista or Windows Server 2008, you can authorize (reserve) your service account to create the HTTP listener the Lansweeper service needs.
At an admin command prompt enter the following command:
netsh http add urlacl url=http://*:<port#>/ user=domain\service-account
ex.:
netsh http add urlacl url=http://*:9524/ user=contoso\svc-lansweeper
After applying the netsh command and given your Lansweeper service account modify rights to the installation folder (for write permissions to the log file) and "Log On As A Service" right in the Local Security Policy, you will then be able to start the Lansweeper service under an non-admin domain account.
To display the reserved HTTP listener URL enter the following command:
netsh http show urlacl
You should see similar output as below:
Reserved URL : http://*:9524/
User: CONTOSO\svc-lansweeper
Listen: Yes
Delegate: No
SDDL: D:(A;;GX;;;S-1-5-21-1308237860-4193317556-336787646-243859)
See: "add urlacl"
http://msdn.microsoft.com/en-us/library/cc307223(vs.85).aspx -Joe
