Starting a service with ordinary user rights

I create a service which use RPC(like sdk sample rpcsvc) and when I work as administrator it works fine .Then I try to start the service when I was logged in as a ordinary user.But when I do "net start simplerpcservice" I receive "Acces denied" . What should I do?
buzaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

MDarlingCommented:
Give yourself the same access as the administrator account, specifically
"act as part of the operating system".

regards,
mike.
0
jhanceCommented:
Only the administrator or members of the administrator group can start services.  As an ordinary user, you don't have the privilege of doing this.

You can do a couple of two things:

1) Give this user account the SE_TCB_NAME (a.k.a."Act as Part of Operating System) privilege.

2) As administrator install the service into the Service Control Manager (SCM) database and have it started by the operating system automatically.

#2 is more secure as you don't have to give ordinary users the dangerous SE_TCB_NAME privilege.
0
buzaAuthor Commented:
Can somebody give me an way to do that without give to the user the right to "Act as Part of Operating System"?
In fact I try to load a driver as a user and I want to do what via  servicies.I think about semaphores and something like that.(It must be  a way to monitorize from servicies a request from a user and then execute administrator code)
0
Python 3 Fundamentals

This course will teach participants about installing and configuring Python, syntax, importing, statements, types, strings, booleans, files, lists, tuples, comprehensions, functions, and classes.

jhanceCommented:
2) As administrator install the service into the Service Control
                             Manager (SCM) database and have it started by the operating
                             system automatically.

                             #2 is more secure as you don't have to give ordinary users the
                             dangerous SE_TCB_NAME privilege.
0
buzaAuthor Commented:
Thanks Jhance.I am sorry but I wasn't clear.
I want to load dinamicaly a driver via a service.I dont want to start it at startup.
By now I create a SYS which takes a lot of memory and that's why I need to load it only when I use it.Could I put a flag (semaphore) in my exe service and when this is modified as a user , my service load the driver?(My service could monitorize a file with a timer but I dont want to do what...)
In fact I dont know how to signal a service from an user account.
Please help.
0
MDarlingCommented:
You could do the following...

install your service so that it runs automatically at system startup.

in your service

1) create a named event in the unsignalled state.

2) wait for the event to become signalled (WaitForSingleObject(...))

in your user exe

1) create the event with same name giving you a handle to the event created by the service

2) set the event - thus causing your service to continue execution - which would of course then load the driver



hope this helps.
regards,
mike.
0
buzaAuthor Commented:
Hi,mike
I already do that but my problem is  I couldnt create the event from user mode with the handle of service (which is in administrator mode) .I receive error number 5 (acces denied) . I think that your solution is good , but I didnt work to much with events so I think I do something wrong. Please, give me a source code (how  you do that )

thanks a lot  
0
NT_ProgrammerCommented:
I know how to signal your service from any user account.  But you will have to bump the points to 400.  I'll give you all the working code.  I'm currently doing it with my services
0
jhanceCommented:
buza,

Before you cough up 400 pts. for "NT Programmer", you may want to check out the article and source code here:

http://www.sysinternals.com/regmon.htm

If I understand what you are now saying, this may be the technique you are looking for.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
MDarlingCommented:
in your service

HANDLE hEvent=CreateEvent(0,0,"MyEvent");

WaitForSingleObject(hEvent,INIFINITE);
// code continues here...


in your user mode app

HANDLE hEvent=CreateEvent(0,0,"MyEvent);
// above gets handle to already created event

// set the event - thus ending the WaitForSingleObject in your service
SetEvent(hEvent);

Is this what you tried?

regards,
Mike.
0
jhanceCommented:
So if my comment was so lousy that it deserved a "D" grade, why did you even accept it?

Remind me to ignore any further questions _YOU_ might post!

0
NT_ProgrammerCommented:
A "D" on a 20 point question!!!!

HAAAAA HAAAAA HAAAAA

and now you wonder why I make them bump up the points before I give them the answer.

And BTW, I don't just give a URL to someone else's article.  I was offering to give working code that buza could drop right in and run with.
0
jhanceCommented:
NT,

Yes, I can see from your Expert points total that this tactic is working well for you.....

Not only that but it's not a 20 pt. question but a 200 pt. question!  You don't seem to realize that the point values are divided by 10 after the answer is accepted.

Better luck next time...

0
buzaAuthor Commented:
for Jhance:
Sorry for "D" .I try to give a "B" but I am so busy and I do a mistake.Your answer didnt satisfied me to give you an "A" because you make me study a complex  source code .I like that programming steps to be concrete written.
Bye,
Buza
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft Development

From novice to tech pro — start learning today.