Hi,
I have a service that need to access the current user registry from time to
time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
15  1985 
You can always start a service as a particular user. Just goto services,
select your service and take the properties, there you can see a LogOn tab,
and choose Log on as "This account" option, and give the user name, passwd.
"Sims" <si*********@hotmail.com> wrote in message
news:u0**************@tk2msftngp13.phx.gbl... Hi,
I have a service that need to access the current user registry from time
to time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
You can always start a service as a particular user. Just goto services,
select your service and take the properties, there you can see a LogOn
tab, and choose Log on as "This account" option, and give the user name,
passwd.
Thanks,
But how can i do that programmatically?
When i install the service i don't see an option to install it as 'This
account' rather.
I can do it manually but i want the install procedure to do it itself.
Sims
On Sat, 7 Feb 2004 09:49:32 UTC, "Sims" <si*********@hotmail.com> wrote: You can always start a service as a particular user. Just goto services,
select your service and take the properties, there you can see a LogOn
tab, and choose Log on as "This account" option, and give the user name,
passwd.
Thanks,
But how can i do that programmatically?
When i install the service i don't see an option to install it as 'This
account' rather.
I can do it manually but i want the install procedure to do it itself.
Sims
Sims,
Recheck the CreateService call. There are two fields that are pointers
to the Account UserID and Password to run under. If these fields are
passed in as NULL, the SYSTEM Account is used. That is how you can
set up for a specific user. You can also change this later if need be.
An alternate method is to change the SID to get access of a specific
user. I've not figured all that out yet so I can't point you to a
source. That would be used when your service needs to work under
several different accounts at the same time.
Good luck,
David
> Recheck the CreateService call. There are two fields that are pointers
to the Account UserID and Password to run under. If these fields are
passed in as NULL, the SYSTEM Account is used. That is how you can
set up for a specific user. You can also change this later if need be.
An alternate method is to change the SID to get access of a specific
user. I've not figured all that out yet so I can't point you to a
source. That would be used when your service needs to work under
several different accounts at the same time.
Hi,
Thanks David and Tom for the replies.
The problem is that the user runs the install program. During the install i
instruct the service to be installed but i do not know the user password and
user name.
If i could retrieve it during install then it would be great, but i cannot.
Even if i had a 'runonce' option to install the service per user i still
would not be able to get the user name and password.
My install program cannot retrieve the user name and password.
Sims. I have a service that need to access the current user registry from time
to time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
Hi again,
Further to my posts...
Is there anyway that the [system] service could launch an application as the
current user?
Sims
Sims,
Just do what many other installs do: prompt the user appropriately for the
username and password for the user under which it is to run the service. If
you are running XP or later you can use the CredUIPromptForCredentials API
to validate the information give (invisibly of course - check the dwFlags).
Either that or you can go ahead and create the service and try starting it
check the return code...
SQL Server install does this as do many others. There is no way I know of to
bypass such a mechanism - even windows itself can do this during its own
install.
When the username / password is stored by CreateService, it is stored using
a "LSA Secret". This is information stored in a particular place in the
registry using reversable encryption and keys the system know but in this
case you don't - it is "safe".
- Tim
"Sims" <si*********@hotmail.com> wrote in message
news:#h**************@tk2msftngp13.phx.gbl... I have a service that need to access the current user registry from time to time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
Hi again,
Further to my posts...
Is there anyway that the [system] service could launch an application as
the current user?
Sims
"Sims" <si*********@hotmail.com> wrote in message
news:%2****************@tk2msftngp13.phx.gbl... Further to my posts...
Is there anyway that the [system] service could launch an application as
the
current user?
Sims
There is no need to do so, just create a new logon session by calling
Win32's API "LogonUser" and use the token obtained to impersonate.
Search the KB, it contains articles an samples on how to call LogonUser from
..NET.
Willy.
Sims,
It is not a good practice to access HKEY_CURRENT_USER from a service - what
happens if that user no longer has a local profile on the machine.
Additionally, the term "current user" does not always make sense for a
service - what happens if no user is logged on...
If you need to access the registry from the service, consider using
HKEY_LOCAL_MACHINE instead.
regards
roy fine
"Sims" <si*********@hotmail.com> wrote in message
news:u0**************@tk2msftngp13.phx.gbl... Hi,
I have a service that need to access the current user registry from time
to time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
It is not a good practice to access HKEY_CURRENT_USER from a service -
what happens if that user no longer has a local profile on the machine.
Additionally, the term "current user" does not always make sense for a
service - what happens if no user is logged on...
If you need to access the registry from the service, consider using
HKEY_LOCAL_MACHINE instead.
Didn't think of that, i will look at it.
Thanks
Unless you have a very specific requirement, use HKEY_LOCAL_MACHINE instead.
One of the ideas behind running a process under the SYSTEM account is that
it cannot do these types of things.
--
____________________
Klaus H. Probst, MVP http://www.vbbox.com/
"Sims" <si*********@hotmail.com> wrote in message
news:u0**************@tk2msftngp13.phx.gbl... Hi,
I have a service that need to access the current user registry from time
to time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very least get the service to launch an
application as the current user and not the SYSTEM
Many thanks
Sims
Unless you have a very specific requirement, use HKEY_LOCAL_MACHINE
instead.
One of the ideas behind running a process under the SYSTEM account is that
it cannot do these types of things.
I agree, but my problem goes all the way back to installation.
The users cannot install the service, (they cannot install anything in
fact), only the administrator can, so what i wanted to do was to run the
install as an administrator and ensure that the service gets started as
current user.
Maybe if i use HKEY_LOCAL_MACHINE it will solve the problem to a certain
level.
That should apply to future users.
Maybe my problem is more to do with installations rather than services
themselves.
For example when i installed MS Word it was installed for all users, (new
and old).
Sims
A service can spawn a process with a currently logged on user credentials
(if that's what you want), without need to know those credentials.
To start a _service_ with user's credentials, the user also should have
"Logon as service" privilege, which you may not want to allow.
"Sims" <si*********@hotmail.com> wrote in message
news:ey*************@tk2msftngp13.phx.gbl... Unless you have a very specific requirement, use HKEY_LOCAL_MACHINE
instead.
One of the ideas behind running a process under the SYSTEM account is
that it cannot do these types of things.
I agree, but my problem goes all the way back to installation.
The users cannot install the service, (they cannot install anything in
fact), only the administrator can, so what i wanted to do was to run the
install as an administrator and ensure that the service gets started as
current user.
Maybe if i use HKEY_LOCAL_MACHINE it will solve the problem to a certain
level.
That should apply to future users.
Maybe my problem is more to do with installations rather than services
themselves.
For example when i installed MS Word it was installed for all users, (new
and old).
Sims
"Alexander Grigoriev" <al***@earthlink.net> wrote in message
news:O5**************@TK2MSFTNGP10.phx.gbl... A service can spawn a process with a currently logged on user credentials
(if that's what you want), without need to know those credentials.
How would you do that then?
To start a _service_ with user's credentials, the user also should have
"Logon as service" privilege, which you may not want to allow.
Indeed.
Idealy the service would sprawn a process with the currently logged in user.
Thanks
Sims
You need to get a token for a currently logged on user. Then call
CreateProcessAsUser
To get a token you may need to open the current window station in the
current terminal session, and quite a few more steps. I don't remember all
of that.
"Sims" <si*********@hotmail.com> wrote in message
news:eB**************@TK2MSFTNGP10.phx.gbl...
"Alexander Grigoriev" <al***@earthlink.net> wrote in message
news:O5**************@TK2MSFTNGP10.phx.gbl... A service can spawn a process with a currently logged on user
credentials (if that's what you want), without need to know those credentials.
How would you do that then?
To start a _service_ with user's credentials, the user also should have
"Logon as service" privilege, which you may not want to allow.
Indeed.
Idealy the service would sprawn a process with the currently logged in
user.
Thanks
Sims
"Sims" <si*********@hotmail.com> wrote in message
news:ey*************@tk2msftngp13.phx.gbl... Unless you have a very specific requirement, use HKEY_LOCAL_MACHINE
instead.
One of the ideas behind running a process under the SYSTEM account is
that it cannot do these types of things.
I agree, but my problem goes all the way back to installation.
The users cannot install the service, (they cannot install anything in
fact), only the administrator can, so what i wanted to do was to run the
install as an administrator and ensure that the service gets started as
current user.
OK. But this is a separate problem - why not use MSI? It has built-in
support for that kind of thing. That's how you can install Office on a box
without requiring the user to be an admin.
--
____________________
Klaus H. Probst, MVP http://www.vbbox.com/ This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: mailme.faisal |
last post by:
I have created a service that create a process.
The service is running in local system account & it also create the
new process in system account.
In process i have to access network resource ....
|
by: Doug Bailey |
last post by:
I am trying to control a Windows Service via a Web Service interface.
(I am developing in .NET2003) I am using the ServiceController object
which allows me to read the state of the services with...
|
by: Andrew |
last post by:
Hey all,
Requesting help from the VB.Net gurus in here. I was given a task to write
a Windows Service (VB.Net) that would run an external program, and if that
program closed for any reason...
|
by: Sims |
last post by:
Hi,
I have a service that need to access the current user registry from time to
time.
But a service only works as a SYSTEM and not as the current user.
How can i change that? Or at the very...
|
by: UJ |
last post by:
Is there any way for a windows service to start a windows program ? I have a
service that will need to restart a windows app if it needs to.
TIA - Jeff.
| | |
by: deko |
last post by:
When to use a privileged user thread rather than a windows service?
That's the question raised in a previous post . It was suggested that if the service needs to interact
with a WinForms app...
|
by: Rob R. Ainscough |
last post by:
I have a VS 2005 Windows Service with a Installer project as part of my
solution. The Service installs fine but I can't seem to make either of
these work:
1. Have the service start after...
|
by: JamesB |
last post by:
I am writing a service that monitors when a particular app is started.
Works, but I need to get the user who is currently logged in, and of course
Environment.UserName returns the service logon...
|
by: =?Utf-8?B?bXVyYWRqYW1lcw==?= |
last post by:
Yes, sorry I tried to make it clear in the original question that I want to
get the user token of the service - ie. the account the service is running
under. I know services don't have user tokens...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| | |
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: TSSRALBI |
last post by:
Hello
I'm a network technician in training and I need your help.
I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs.
The...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
| |
