Domain Controller Security Policy Fix
If you're running FogBugz on Windows Server 2003 on a domain controller, you may need to adjust the Domain Controller Security Policy to allow the FogBugz user to run on the DC.
Symptoms:
When you restart the server, services, such as the FogBugz Maintenance Service, don't automatically restart.
The FogBugz Maintenance Service is unable to log on to <domain>\FogBugz because of unknown user name or password.
Solution:
If the AppPool is running with that user identity, you also have to change the Domain Controller Security Policy to allow that user to run on the DC.
- Open "Domain Controller Security Policy" under Administrative Tools.
Open: Security Settings -> Local Policies -> User Rights Assigment Add your FogBugz user to "Allow log on locally". Add your FogBugz user to "Log on as a service". In the "Run" box, enter: secedit /refreshpolicy MACHINE_POLICY /enforce
Assuming all went well, you should be fine. If you have a domain-level Domain Controller GPO, you'd need to make the same modifications there.
Thanks to Matt Lavallee and Karthik for the problem and solution.
