I have a UAC-enabled Server 2008 R2 machine with Splunk splunk-4.1.7-95063-x64-release installed.
I am using a low-privilege (just the minimum listed in the docs, http://www.splunk.com/base/Documentation/latest/Installation/InstallonWindows#Choosing_the_user_Splunk_should_run_as).
This seems fine for splunkd, it can run, open port 8089, and appears to be indexing.
The splunkweb service never opens a port and seems to generate these errors every time it starts. Apparently it wants to query the Service Control Manager.
When I run the service interactively I get a UAC prompt.
asked 26 Feb '11, 20:41
Have you tried re-entering the password for the service account in the Services Control panel?
answered 26 Feb '11, 21:07