Secondary Logon

The Secondary Logon (seclogon) service enables processes to be started under alternate credentials. This allows a user to create processes in the context of different security principals. A common use of this service is by administrators who may log on as restricted users but must have administrative privileges to run a specific application. They can use a secondary logon to temporarily run such applications. If the service is disabled, this type of logon access is unavailable and calls to the CreateProcessWithLogonW API fail.

This service starts when a program or application is started by using the Run as different user option in the extended context menu (which can be opened by holding down the shift key when you right-click an item).

This service is installed by default and its startup type is Manual.

When the Secondary Logon service is started in its default configuration, it logs on by using the Local System account.

This service is not dependent on any other system service, nor is any service dependent on it.

Related content