Cisco Cisco Security Manager 4.0 Guía Para Resolver Problemas

2. Few services show ./casuser under Log On As column, per the output of services.msc, as
shown in the image.

Services which would not start:

CmfDbEngine, rptDbEngine, AusDbEngine and vmsDbEngine

Note: casuser- the casuer user account is equivalent to a Windows administrator and provides access to all
Common Services and Security Manager tasks. You do not normally use this account directly. 

3. Windows Event log:

Navigate to  Event Viewer > Windows Logs > System (look for Error level)

The vmsDbEngine service was unable to log on as .\casuser with the currently configured password

due to the following error:

Logon failure: the user has not been granted the requested logon type at this computer.

: vmsDbEngine

: .\casuser

This service account does not have the required user right "Log on as a service."

 

Assign "Log on as a service" to the service account on this computer. You can use Local Security

Settings (Secpol.msc) to do this. If this computer is a node in a cluster, check that this user

right is assigned to the Cluster service account on all nodes in the cluster.

If you have already assigned this user right to the service account, and the user right appears

to be removed, check with your domain administrator to find out if a Group Policy object

associated with this node might be removing the right.

Similar events are observed for CmfDbEngine, rptDbEngine and 

CSM 4.8 onwards, few CSM services are run by casuser and it is an expected behavior.

These are few of the services which are run by casuser :

CmfDbEngine, rptDbEngine, AusDbEngine and vmsDbEngine

Casuser requires permission to run the above services, therefore, it needs to be set for these
Policy:

Log on as a service

The new installation or the upgrade to 4.8, automatically sets casuser for Log on as a service
Policy.

Navigate to Computer Configuration > Windows Settings > Security Settings > Local
Policies > User Rights Assignment.