469,627 Members | 943 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 469,627 developers. It's quick & easy.

How to start/stop windows service on a remote machine?

Hi all,
I have a web app running on a local PC that can start and stop windows service on a remote machine, but only when I browse to it locally. If I browse to it from my other PC and try to start/stop the service, it gives me "Cannot open Service Control Manager on computer 'xxx.xxx.xxx.xxx'. This operation might require other privileges." error.

Helpfull info:
- I am an admin on all 3 PCs
- web app is using "Windows" authentication (Integ. Win. Auth. turned ON in IIS, Anonimous Auth. turned OFF), plus "impersonation"
*** from web.config ***:
<authentication mode="Windows" /
<identity impersonate="true" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>

Now, I can make it work, if I add user name and password to impersonation part:
<identity impersonate="true" userName="xxxx" password="xxxx" />
but I need the app to impersonate multiple people (admins), and not one person.

Also, when I don't provide userName and password, event viewer one a remote machine logs "ANONIMOUS LOGON" entry, but when I do provide userName and password the event viewer logs "<MyDomainUser>" entry. All is entered under "Security" log file.

I triple checked my IIS settings, and they see to be fine. What am I doing wrong?

Thanks
Goran
Feb 21 '07 #1
3 11614
window authentication does not allow credentials forwarding. you need to
switch to basic or kerberos and in the case of kerberos enable
forwarding on the servers.

-- bruce (sqlwork.com)
Goran Djuranovic wrote:
Hi all,
I have a web app running on a local PC that can start and stop windows
service on a remote machine, but only when I browse to it locally. If I
browse to it from my other PC and try to start/stop the service, it
gives me "Cannot open Service Control Manager on computer
'xxx.xxx.xxx.xxx'. This operation might require other privileges." error.

Helpfull info:
- I am an admin on all 3 PCs
- web app is using "Windows" authentication (Integ. Win. Auth. turned ON
in IIS, Anonimous Auth. turned OFF), plus "impersonation"
*** from web.config ***:
<authentication mode="Windows" />
<identity impersonate="true" />
<authorization>
<allow users="*" />
<deny users="?" />
</authorization>

Now, I can make it work, if I add user name and password to
impersonation part:
<identity impersonate="true" userName="xxxx" password="xxxx" />
but I need the app to impersonate multiple people (admins), and not one
person.

Also, when I don't provide userName and password, event viewer one a
remote machine logs "ANONIMOUS LOGON" entry, but when I do provide
userName and password the event viewer logs "<MyDomainUser>" entry. All
is entered under "Security" log file.

I triple checked my IIS settings, and they see to be fine. What am I
doing wrong?

Thanks
Goran

Feb 21 '07 #2
Hello Goran,

I've also found your another cross thread in the
microsoft.public.dotnet.framework.aspnet.security newsgroup. This is a
typical double hop issue of windows authentication. I have posted some
information and suggestion in that thread. Please feel free to followup
there if there is anything else we can help.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no rights.

Feb 22 '07 #3
Thanks guys. I have posted some additional questions on cross thread in the
"microsoft.public.dotnet.framework.aspnet.security " group.

Goran Djuranovic

"Steven Cheng[MSFT]" <st*****@online.microsoft.comwrote in message
news:1y**************@TK2MSFTNGHUB02.phx.gbl...
Hello Goran,

I've also found your another cross thread in the
microsoft.public.dotnet.framework.aspnet.security newsgroup. This is a
typical double hop issue of windows authentication. I have posted some
information and suggestion in that thread. Please feel free to followup
there if there is anything else we can help.

Sincerely,

Steven Cheng

Microsoft MSDN Online Support Lead
This posting is provided "AS IS" with no warranties, and confers no
rights.

Feb 22 '07 #4

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by Mark | last post: by
16 posts views Thread by Serdar Kalaycý | last post: by
3 posts views Thread by tshad | last post: by
3 posts views Thread by Billy Bob | last post: by
reply views Thread by gheharukoh7 | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.