Access denited when i try a remote shutdown 2 PC on the lan network

Posted on 2004-04-18
Last Modified: 2007-12-19
Dear expert exchange

when i use a 'InitiateSystemShutdown' api with a 2 PC (both windows 2000 operation system) the system report error 5 (access denited).I logged both administrator and i have a SE_REMOTE_SHUTDOWN_NAME privilege.The same problem also with windows xp professional.What can i do ?
Question by:MarcoPanza
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 4
  • 2
LVL 41

Expert Comment

ID: 10859032
Are you sure you sucessfully set the privilege?   Here is a VB.Net example that I use:

Imports System
Imports System.Diagnostics
Imports System.Runtime.InteropServices

Module SetPrivilegs
    <StructLayout(LayoutKind.Sequential, Pack:=4)> _
    Private Structure LUID_AND_ATTRIBUTES
        Dim Luid As Long
        Dim Attributes As Integer
    End Structure

    <StructLayout(LayoutKind.Sequential, Pack:=4)> _
    Private Structure TOKEN_PRIVILEGES
        Dim PrivilegeCount As Integer
        Dim Privilege As LUID_AND_ATTRIBUTES
    End Structure

    <DllImport("advapi32.dll")> _
    Private Function OpenProcessToken _
        (ByVal ProcessHandle As IntPtr, _
         ByVal DesiredAccess As Integer, _
         ByRef TokenHandle As IntPtr) _
        As Boolean
    End Function

    <DllImport("advapi32.dll")> _
    Private Function LookupPrivilegeValue _
        (ByVal lpSystemName As String, _
         ByVal lpName As String, _
         ByRef lpLuid As Long) _
         As Boolean
    End Function

    <DllImport("advapi32.dll")> _
    Private Function AdjustTokenPrivileges _
        (ByVal TokenHandle As IntPtr, _
         ByVal DisableAllPrivileges As Boolean, _
         ByRef NewState As TOKEN_PRIVILEGES, _
         ByVal BufferLength As Integer, _
         ByVal PreviousState As IntPtr, _
         ByVal ReturnLength As IntPtr) _
         As Boolean
    End Function

    Const TOKEN_QUERY As Integer = &H8
    Const TOKEN_ADJUST_PRIVILEGES As Integer = &H20
    Const SE_SHUTDOWN_NAME As String = "SeShutdownPrivilege"
    Const SE_PRIVILEGE_ENABLED As Integer = &H2

    Public Function SetPrivileges() As Boolean
        Dim hProc, hToken As IntPtr
        Dim luid_Shutdown As Long
        Dim tp As New TOKEN_PRIVILEGES

        ' get the current process's token
        hProc = Process.GetCurrentProcess().Handle
        hToken = IntPtr.Zero
        If Not OpenProcessToken(hProc, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken) Then
            Return False
        End If

        ' get the LUID for the Sutdown privileges (provided it already exist)
        luid_Shutdown = 0
        If Not LookupPrivilegeValue(Nothing, SE_SHUTDOWN_NAME, luid_Shutdown) Then
            Return False
        End If

        tp.PrivilegeCount = 1
        tp.Privilege.Luid = luid_Shutdown
        tp.Privilege.Attributes = SE_PRIVILEGE_ENABLED

        ' enable the privileges
        If Not AdjustTokenPrivileges(hToken, False, tp, 0, IntPtr.Zero, IntPtr.Zero) Then
            Return False
        End If

        Return True
    End Function

End Module

Author Comment

ID: 10861296
Yes i have a SE_REMOTE_SHUTDOWN_NAME privilege.There are 2 PC (for example A,B) with both windows 2000 , A can shutdown   B  , and B cannot  shutdown A(Access denited).The same source code was tested to 2 PC.But i don't understand the different between A and B.Why B don't shutdown A ?

Expert Comment

ID: 10862599
check the local security policies for the server itself? I believe the user/group that is being used would need to have the ability to "Force Shutdown from a Remote System"
Does Your Cloud Backup Use Blockchain Technology?

Blockchain technology has already revolutionized finance thanks to Bitcoin. Now it's disrupting other areas, including the realm of data protection. Learn how blockchain is now being used to authenticate backup files and keep them safe from hackers.


Expert Comment

ID: 10862604
and since you can do it to one computer, but not the other, compare the Security Policies for both of the PCs to see where the differences are at...

Author Comment

ID: 10862979
the line "Force Shutdown from a Remote System" is administrator and the i' dont see a significative differents on the Security Policies betwen the 2 PC.

Expert Comment

ID: 10863114
are you coding this using a specific language? from what I can see there are several languages that use the API you reference in your first post... if you are, you might want to have this moved to the appropriate area as it would possibly be more of an issue with the code.... also, reference to and see if anything there helps you figure out where the issue is at....

hope some of this helps...

Author Comment

ID: 10863344
This is my code:

  Public Function SpegniPC(ByVal NomePC As String, Optional AbilitaShutDownLocale As Variant, Optional Ritardo As Variant, Optional Messaggio As Variant) As Boolean
1       Const SE_PRIVILEGE_ENABLED = &H2
2       Const TOKEN_QUERY = &H8
4       Const SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
5       Const SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege"
        Dim TokenHandle As Long
        Dim VecchioTokenStuff As TOKEN_PRIVILEGES
        Dim VecchioTokenStuffLen As Long
        Dim NuovoTokenStuff As TOKEN_PRIVILEGES
        Dim NuovoTokenStuffLen As Long
        Dim Dimensione As Long
        Dim Privilegio As String
        Dim ForceGuest As String
        'Verifica i parametri opzionali
6       If IsMissing(AbilitaShutDownLocale) Then AbilitaShutDownLocale = False
7       If IsMissing(Ritardo) Then Ritardo = 0
8       If IsMissing(Messaggio) Then Messaggio = ""
9       SpegniPC = True
        'Elimina i backslash iniziali se esistono
10      If InStr(NomePC, "\\") = 1 Then
11          NomePC = Right(NomePC, Len(NomePC) - 2)
        End If
        'determina se il computer è locale o remoto
12      If (LCase(NomeComputerLocale) = LCase(NomePC)) Or NomePC = Empty Then
13          Privilegio = SE_SHUTDOWN_NAME
14      Else
15          Privilegio = SE_REMOTE_SHUTDOWN_NAME
        End If
        'esce se non è abilitato a spegnere il computer locale
16      If AbilitaShutDownLocale = False Then Exit Function
        'apre l' accesso al token corrente
17      If OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, TokenHandle) = 0 Then
18          MsgBox "OpenProcessToken Error: " & Err.LastDllError
            Exit Function
        End If
19      If LookupPrivilegeValue(vbNullString, Privilegio, VecchioTokenStuff.Privileges(0).pLuid) = 0 Then
20          MsgBox "LookupPrivilegeValue Error: " & Err.LastDllError
            Exit Function
        End If
21      NuovoTokenStuff = VecchioTokenStuff
22      NuovoTokenStuff.PrivilegeCount = 1
23      NuovoTokenStuff.Privileges(0).Attributes = SE_PRIVILEGE_ENABLED
24      NuovoTokenStuffLen = Len(NuovoTokenStuff)
25      Dimensione = Len(NuovoTokenStuff)

        'Abilita il privilegio di speglimento locale/remoto PC
26      If AdjustTokenPrivileges(TokenHandle, False, NuovoTokenStuff, NuovoTokenStuffLen, VecchioTokenStuff, VecchioTokenStuffLen) = 0 Then
27          MsgBox "AdjustTokenPrivileges Error: " ' & GetLastError()
            Exit Function
        End If
        'Disabilita la forzatura dell' utente guest per abilitare i privilegi dello shutdown remoto
28      ForceGuest = Registry_GetValue(HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\Control\Lsa", "forceguest")
29      If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\Control\Lsa", "forceguest", &H0

        'Spegne il pc
30      If InitiateSystemShutdown(NomePC, Messaggio, Ritardo, True, False) = 0 Then
31          MsgBox "ShoutDown Fallito Errore " & Err.LastDllError
32          SpegniPC = False
        End If
        'Ripristina la forzatura dell' utente guest se disabilitata con le righe precedenti
33      If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\Control\Lsa", "forceguest", &H1

        'disabilita i privilegi assegnati con le righe precedenti
34      NuovoTokenStuff.Privileges(0).Attributes = 0
35      If AdjustTokenPrivileges(TokenHandle, False, NuovoTokenStuff, Len(NuovoTokenStuff), VecchioTokenStuff, Len(VecchioTokenStuff)) = 0 Then
            Exit Function
        End If

    End Function


Expert Comment

ID: 10863500
okay, this appears to be something that is more deserving of the VB section of the programming area and should be posted there in my honest opinion...

Author Comment

ID: 10863586
I think the problem is not a source code (1 PC work fine) but a PC configuration.I don't know the fondamental parameter that cause the error (access deniter).What can i do ?

Author Comment

ID: 10868340
I understand.I logged as administrator group and not as 'administrator'.Can i logged as Marco (for example) and be administator.
LVL 41

Accepted Solution

graye earned 125 total points
ID: 10868420
Yes, you can log in as any account that has Administrator rights, that shouldn't have anything to do with it.

Yed, I'd agree, there's something different about that one server that's the root of the problem.   By the way, I assume the failure is on line 31?

Author Comment

ID: 10870703
Yes the error is on line 31.If i logged with 'administrator' work fine.If i logged with 'Marco' (Marco is administrator group) don't work.In another PC if i logged with michele (michele is administrator group) work fine.On my PC if i logged with 'Marco' don't work (only if i logged with administrator work fine).Can i logged with Marco and shutdown another PC or i must logged only with 'administrator' for solved a problem ?

Featured Post

Optimize your web performance

What's in the eBook?
- Full list of reasons for poor performance
- Ultimate measures to speed things up
- Primary web monitoring types
- KPIs you should be monitoring in order to increase your ROI

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

NTFS file system has been developed by Microsoft that is widely used by Windows NT operating system and its advanced versions. It is the mostly used over FAT file system as it provides superior features like reliability, security, storage, efficienc…
OnPage enhanced its integration with ConnectWise Manage to offer incident responders more control over the ticket and Incident Resolution Lifecycle.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…

630 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question