Running self-hosted OWIN Web API under non-admin account

It looks like the problem was with the URL reservation. I didn't need one. If there is a URL reservation, it will just prevent the owin host from starting with the access denied error. Also, the default port for owin host is 5000. If there is a "dead" process that is still running on that port, it will block your service from starting. To check you can run netstat -a -b at the command prompt.


Your service is running (most likely) under the LocalSystem (SYSTEM) account. This account is not in the Everyone security principal.

In short, to solve this, either make the namespace reservation for Anonymous Logon or change your service to run under the Network Service account which happens to be in the Everyone principal.

Third option is, of course, to create a new local/domain user, create the reservation for it and have the service run under this account. But then you'd have to worry about setting proper security permissions for it, so I'd go with one of the first two options.


Run this command line under admin

netsh http add urlacl url=http://*:8080/ user=MyUser