Hello, please, can anybody help me to find out if is it possible to run process under another account from process running under "local system account" ? For example MSSQLSERVER trigger is running under "local system account" and is firing javascript which ought to run under "domain\user" account. thank you miso
run process under another account from process running under "local system account"
3 posts
• Page 1 of 1
- IBM PC
- mac
- IBM PC
- PERL
- Win32 Programming
- Exchange 2000
- WINDOWS VISTA
- jobs
- unix
- WINDOWS SERVER
Jump to:
- 1. How to config windows firewall allow dhcp services?
I have windows 2003 std with the sp that includes windows firewall. How do I set the firewall up so that it allows dhcp services to work normally? There is the exception list but that does not list all services like dhcp etc. - 2. Setting up IIS 6.0 tutorial
Hi, is there any good tutorial for a semi-newbie on how to set up IIS 6.0 on a windows 2003 server to make it as safe as possible? I mean a step-by-step guide to follow that will make the webserver safe. Thanks /Surre - 3. Software Restriction Policy with custmized messages?
Hi, I am testing the software restriction policy at the moment and didn't found a solution for following: 1) Is it possible to customze the message displayed when somebody trying to open a restricted file extension? Would like to insert a telephone number for that. 2) When I am trying to open a link which is allowed, but the link is trying to open an extension on a different location where it is not allowed, the user is not getting a message from the restriction policy in his session. otherwise SRP is really working fine. What could be done to solve my problems? best regards Rainer - 4. SPNEGO without a domain
I tried posting this in the Access Security forum last week, but didn't hear anything back, and thought maybe someone here would have some ideas? Thanks! Hello, Having a problem with Kerberos/SPNEGO authentication with a Windows XP client. We have a non-Windows KDC and both Windows and non-windows clients. On a unix-type machine, if I run kinit and authenticacate with the KDC, I will get a TGT. Then, when I go to another intranet website that also requires kerberos authentication, I am automagically given an HTTP ticket (which I can see when I run klist) and allowed in the site. I want this same functionality from winxp. I need this same functionality on a non-domained windows client (and maybe domained ones as well, actually). I've installed kerbtray which I think is whats given me the ability to do the kinit/klist stuff on windows.. I really have no idea what to change. I've modified some firefox settings to allow the browser to do spnego (setting network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris). Does anyone know of a set specific instructions about this? If this is the wrong forum for this type of question, also please let me know. Thanks :) :) -- Emily
Next
run process under another account from process running under "local system account"
by Michal Valent » Sun, 25 Jan 2009 00:25:30 GMT
Re: run process under another account from process running under "local system account"
by Al Dunbar » Sun, 25 Jan 2009 03:24:16 GMT
One process can certainly launch a new process under the credentials of another user. The method would depend on the nature of these processes. In the simplest case, any account with sufficient privileges to create a scheduled task can create a task with alternate credentials. Under some circumstances, a single process can do some of its work with alternate credentials, however, this is somewhat limited by the available tools. For example, one can map a share under alternate credentials, and perform folder and file management on the share as if it had the privileges itself. In what context is "MSSQLSERVER trigger" running - as a service, scheduled task, interactive session, or something else? And in what mode(s) can the javascript run? /Al
Re: run process under another account from process running under "local system account"
by Michal Valent » Tue, 27 Jan 2009 18:41:20 GMT
> In what context is "MSSQLSERVER trigger" running - as a service, scheduled The "MSSQLSERVER trigger" running - as a service The javascript is fired from the trigger : CREATE TRIGGER [myUpdate] ON [dbo].[myTable] FOR UPDATE AS IF UPDATE ( myCol ) BEGIN DECLARE @cmd as varchar(1000) declare @myColVal as varchar(20) declare @myTS as varchar(30) SET @myColVal = (SELECT myCol FROM inserted) SET @myTS = (select convert(varchar(30), getdate(), 121)) SET @myTS = REPLACE(@myTS, ' ', '_') SET @cmd = '"C:\myScripts\myCallsToWebServices.js" ' + @myColVal + ' ' + @myTS EXEC master..xp_cmdshell @cmd END
Similar Threads:
1.Running processes from system account
Hi all, I have a progam running as service under system account that is also interactive. A logged on user can choose to open a help file (.chm) from within an interactive window of this service, but it wont run. I used ShellExecute with "open" command because it knows which executable to run in order to open the .chm file. It seems to me that there's a problem with security settings with the system account. If my program is run as "normal" application then it works fine. Does anyone know how to solve security issues of this kind? Any help appreciated. Thanks, J.
2.Process running under Adminstrator account
I disabled the administrator account for security reasons. At the same time
the event log shows failed administrator logon attempts. Attempts repeat
every 2 till 5 hours. The calling process has PID 944 which I looked up as
svchost process.
This refers to the following services:
svchost.exe 944 AeLookupSvc, AppMgmt, BITS, Browser,
CryptSvc, dmserver, EventSystem, helpsvc,
lanmanserver, lanmanworkstation, Netman,
Nla, RasMan, RemoteAccess, Schedule,
seclogon, SENS, ShellHWDetection,
winmgmt,
wuauserv
I can not find any service that starts with Administrator account.
Does someone have any suggestions?
3.Tell if the process is running in a Guest account
I've been told earlier that to determine if the current process is running in a Guest account I need to call OpenProcessToken GetTokenInformation But what parameters should I actually call it with?
4.Running a service as Local System account on Windows Server 2003
Windows Server 2003. Not sure if this is the correct group for my question as it is part server 2003 configuration/security and maybe part programming. I have a small c++ application I wrote that installs as a service. It monitors another machine and periodically copies files from that machine. The application has a GUI that reflects the status of the other machine and file copies. The problem is if I set the service Logon proerties as "Local System account" and "Allow service to interact with desktop" my program cannot access the other machines shared directory. If I set the Logon property to a specific account then all works well. I am looking for a method that will allow me to copy the files from the share and interact with the desktop. TIA.
5.Download file from NT Service running under Local System Account
Hi All, When a NT service program runs under the local system account it cannot access network resource either via UNC path or a network mapped drive. Is there any way around to access network resource for the service program? I writeen a NT service in VC++ , and i want to download a file from Internet website. But my service running in local system account. I want help in change service running under local system account to current user to download file and change it back to local system account from VC++ code. Please give details for this in VC++ programming not from services utility of NT. A.V. Suresh
6. Running NET localgroup command from a logon batch script as local system account
7. Run service interactive with user account - not local system
3 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 90 guest