Choosing the MSMQ Service User Account

The MSMQ service (called Microsoft Message Queue Service) and the SQL Server service (called MSSQLServer) both run under a user account. Both the SQL Server service and the MSMQ service can run under the local system account or a specific user account. Setup installs the MSMQ service to run under the local system account.

The following table shows the advantages and disadvantages for using the local system account to log on the MSMQ service.

Table 5.7

| Local system account advantages | Local system account disadvantages |
| --- | --- |
| The local system account belongs to the local administrators group. | Queues that restrict the Get Properties and Get Permissions permissions cannot be managed by MSMQ services that run under the local system account on MSMQ independent clients and MSMQ servers. |
| The local system account already has the required rights to run as a service. | Communication with other MSMQ computers is less reliable. When a domain account is used on both computers running MSMQ, communication between the two services is more reliable. |
| The local system account already has the "Generate security audits" right. | |


The following table shows the requirements and advantages of using a user account to log on the MSMQ service.

Table 5.8

| User account requirements | User account advantages |
| --- | --- |
| The account should be added to the local administrators group on the computer. | The Get Properties permissions can be granted selectively to certain queues. Only MSMQ services that run under the proper user account can handle those queues. |
| The account should be granted the "Log on as a service," "Act as part of the operating system," "Create a token object," "Increase quotas" and "Generate security audits" rights. | |


Note: If you use Control Panel to specify the account MSMQ logs on under, the "Log on as a service" right is granted automatically for the account you are currently using, but you must specify the other rights.
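The rights listed in Table 5.8 and in the Note above can be checked against a security policy export. The following PowerShell is an added example, not part of the original documentation: the function name is hypothetical, the input is assumed to be in the format written by secedit for the USER_RIGHTS area, and the sample export and SID are constructed.

```powershell
# Added example (not from the original page): report which Table 5.8 rights
# an MSMQ service account lacks, given a secedit USER_RIGHTS export.
# Display name in Table 5.8 -> privilege constant written by secedit.
$RequiredRights = [ordered]@{
    'Log on as a service'                 = 'SeServiceLogonRight'
    'Act as part of the operating system' = 'SeTcbPrivilege'
    'Create a token object'               = 'SeCreateTokenPrivilege'
    'Increase quotas'                     = 'SeIncreaseQuotaPrivilege'
    'Generate security audits'            = 'SeAuditPrivilege'
}

function Get-MissingMsmqRights {   # hypothetical helper name
    param(
        [Parameter(Mandatory)][string[]]$InfLines,  # lines of the exported .inf
        [Parameter(Mandatory)][string]$AccountSid   # SID of the service account
    )
    # Parse "SeXxx = *S-1-...,*S-1-..." lines into constant -> list of SIDs.
    $holders = @{}
    foreach ($line in $InfLines) {
        if ($line -match '^\s*(Se\w+)\s*=\s*(.*)$') {
            $holders[$Matches[1]] = @($Matches[2] -split ',' |
                ForEach-Object { $_.Trim().TrimStart('*') } | Where-Object { $_ })
        }
    }
    # Direct grants only: rights inherited through group membership and entries
    # exported as account names instead of SIDs are not resolved here.
    foreach ($name in $RequiredRights.Keys) {
        $const = $RequiredRights[$name]
        # A right that is absent from the export is assigned to nobody.
        if ($holders[$const] -notcontains $AccountSid) { $name }
    }
}

# Constructed sample export: the account holds only two of the five rights,
# the situation the Note describes after setting the account in Control Panel.
$sample = @(
    '[Privilege Rights]'
    'SeServiceLogonRight = *S-1-5-21-1111111111-2222222222-3333333333-1105'
    'SeAuditPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-21-1111111111-2222222222-3333333333-1105'
    'SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544'
)
Get-MissingMsmqRights -InfLines $sample -AccountSid 'S-1-5-21-1111111111-2222222222-3333333333-1105'
```

On a live host, produce the input from an elevated prompt with `secedit /export /cfg rights.inf /areas USER_RIGHTS` and pass `Get-Content rights.inf` as `-InfLines`.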


© 1997 by Microsoft Corporation. All rights reserved.