MarcoPanza
asked on
Access denited when i try a remote shutdown 2 PC on the lan network
Dear expert exchange
when i use a 'InitiateSystemShutdown' api with a 2 PC (both windows 2000 operation system) the system report error 5 (access denited).I logged both administrator and i have a SE_REMOTE_SHUTDOWN_NAME privilege.The same problem also with windows xp professional.What can i do ?
when i use a 'InitiateSystemShutdown' api with a 2 PC (both windows 2000 operation system) the system report error 5 (access denited).I logged both administrator and i have a SE_REMOTE_SHUTDOWN_NAME privilege.The same problem also with windows xp professional.What can i do ?
ASKER
Yes i have a SE_REMOTE_SHUTDOWN_NAME privilege.There are 2 PC (for example A,B) with both windows 2000 , A can shutdown B , and B cannot shutdown A(Access denited).The same source code was tested to 2 PC.But i don't understand the different between A and B.Why B don't shutdown A ?
check the local security policies for the server itself? I believe the user/group that is being used would need to have the ability to "Force Shutdown from a Remote System"
and since you can do it to one computer, but not the other, compare the Security Policies for both of the PCs to see where the differences are at...
ASKER
the line "Force Shutdown from a Remote System" is administrator and the i' dont see a significative differents on the Security Policies betwen the 2 PC.
are you coding this using a specific language? from what I can see there are several languages that use the API you reference in your first post... if you are, you might want to have this moved to the appropriate area as it would possibly be more of an issue with the code.... also, reference to https://www.experts-exchange.com/questions/20928585/Batch-file-to-restart-PC.html and see if anything there helps you figure out where the issue is at....
hope some of this helps...
hope some of this helps...
ASKER
This is my code:
Public Function SpegniPC(ByVal NomePC As String, Optional AbilitaShutDownLocale As Variant, Optional Ritardo As Variant, Optional Messaggio As Variant) As Boolean
1 Const SE_PRIVILEGE_ENABLED = &H2
2 Const TOKEN_QUERY = &H8
3 Const TOKEN_ADJUST_PRIVILEGES = &H20
4 Const SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
5 Const SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege
Dim TokenHandle As Long
Dim VecchioTokenStuff As TOKEN_PRIVILEGES
Dim VecchioTokenStuffLen As Long
Dim NuovoTokenStuff As TOKEN_PRIVILEGES
Dim NuovoTokenStuffLen As Long
Dim Dimensione As Long
Dim Privilegio As String
Dim ForceGuest As String
'Verifica i parametri opzionali
6 If IsMissing(AbilitaShutDownL
7 If IsMissing(Ritardo) Then Ritardo = 0
8 If IsMissing(Messaggio) Then Messaggio = ""
9 SpegniPC = True
'Elimina i backslash iniziali se esistono
10 If InStr(NomePC, "\\") = 1 Then
11 NomePC = Right(NomePC, Len(NomePC) - 2)
End If
'determina se il computer è locale o remoto
12 If (LCase(NomeComputerLocale)
13 Privilegio = SE_SHUTDOWN_NAME
14 Else
15 Privilegio = SE_REMOTE_SHUTDOWN_NAME
End If
'esce se non è abilitato a spegnere il computer locale
16 If AbilitaShutDownLocale = False Then Exit Function
'apre l' accesso al token corrente
17 If OpenProcessToken(GetCurren
18 MsgBox "OpenProcessToken Error: " & Err.LastDllError
Exit Function
End If
19 If LookupPrivilegeValue(vbNul
20 MsgBox "LookupPrivilegeValue Error: " & Err.LastDllError
Exit Function
End If
21 NuovoTokenStuff = VecchioTokenStuff
22 NuovoTokenStuff.PrivilegeC
23 NuovoTokenStuff.Privileges
24 NuovoTokenStuffLen = Len(NuovoTokenStuff)
25 Dimensione = Len(NuovoTokenStuff)
'Abilita il privilegio di speglimento locale/remoto PC
26 If AdjustTokenPrivileges(Toke
27 MsgBox "AdjustTokenPrivileges Error: " ' & GetLastError()
Exit Function
End If
'Disabilita la forzatura dell' utente guest per abilitare i privilegi dello shutdown remoto
28 ForceGuest = Registry_GetValue(HKEY_LOC
29 If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\
'Spegne il pc
30 If InitiateSystemShutdown(Nom
31 MsgBox "ShoutDown Fallito Errore " & Err.LastDllError
32 SpegniPC = False
End If
'Ripristina la forzatura dell' utente guest se disabilitata con le righe precedenti
33 If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\
'disabilita i privilegi assegnati con le righe precedenti
34 NuovoTokenStuff.Privileges
35 If AdjustTokenPrivileges(Toke
Exit Function
End If
End Function
Public Function SpegniPC(ByVal NomePC As String, Optional AbilitaShutDownLocale As Variant, Optional Ritardo As Variant, Optional Messaggio As Variant) As Boolean
1 Const SE_PRIVILEGE_ENABLED = &H2
2 Const TOKEN_QUERY = &H8
3 Const TOKEN_ADJUST_PRIVILEGES = &H20
4 Const SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
5 Const SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege
Dim TokenHandle As Long
Dim VecchioTokenStuff As TOKEN_PRIVILEGES
Dim VecchioTokenStuffLen As Long
Dim NuovoTokenStuff As TOKEN_PRIVILEGES
Dim NuovoTokenStuffLen As Long
Dim Dimensione As Long
Dim Privilegio As String
Dim ForceGuest As String
'Verifica i parametri opzionali
6 If IsMissing(AbilitaShutDownL
7 If IsMissing(Ritardo) Then Ritardo = 0
8 If IsMissing(Messaggio) Then Messaggio = ""
9 SpegniPC = True
'Elimina i backslash iniziali se esistono
10 If InStr(NomePC, "\\") = 1 Then
11 NomePC = Right(NomePC, Len(NomePC) - 2)
End If
'determina se il computer è locale o remoto
12 If (LCase(NomeComputerLocale)
13 Privilegio = SE_SHUTDOWN_NAME
14 Else
15 Privilegio = SE_REMOTE_SHUTDOWN_NAME
End If
'esce se non è abilitato a spegnere il computer locale
16 If AbilitaShutDownLocale = False Then Exit Function
'apre l' accesso al token corrente
17 If OpenProcessToken(GetCurren
18 MsgBox "OpenProcessToken Error: " & Err.LastDllError
Exit Function
End If
19 If LookupPrivilegeValue(vbNul
20 MsgBox "LookupPrivilegeValue Error: " & Err.LastDllError
Exit Function
End If
21 NuovoTokenStuff = VecchioTokenStuff
22 NuovoTokenStuff.PrivilegeC
23 NuovoTokenStuff.Privileges
24 NuovoTokenStuffLen = Len(NuovoTokenStuff)
25 Dimensione = Len(NuovoTokenStuff)
'Abilita il privilegio di speglimento locale/remoto PC
26 If AdjustTokenPrivileges(Toke
27 MsgBox "AdjustTokenPrivileges Error: " ' & GetLastError()
Exit Function
End If
'Disabilita la forzatura dell' utente guest per abilitare i privilegi dello shutdown remoto
28 ForceGuest = Registry_GetValue(HKEY_LOC
29 If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\
'Spegne il pc
30 If InitiateSystemShutdown(Nom
31 MsgBox "ShoutDown Fallito Errore " & Err.LastDllError
32 SpegniPC = False
End If
'Ripristina la forzatura dell' utente guest se disabilitata con le righe precedenti
33 If ForceGuest = "1" Then Registry_SetValueDword HKEY_LOCAL_NomePC, "SYSTEM\CurrentControlSet\
'disabilita i privilegi assegnati con le righe precedenti
34 NuovoTokenStuff.Privileges
35 If AdjustTokenPrivileges(Toke
Exit Function
End If
End Function
okay, this appears to be something that is more deserving of the VB section of the programming area and should be posted there in my honest opinion...
ASKER
I think the problem is not a source code (1 PC work fine) but a PC configuration.I don't know the fondamental parameter that cause the error (access deniter).What can i do ?
ASKER
I understand.I logged as administrator group and not as 'administrator'.Can i logged as Marco (for example) and be administator.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Yes the error is on line 31.If i logged with 'administrator' work fine.If i logged with 'Marco' (Marco is administrator group) don't work.In another PC if i logged with michele (michele is administrator group) work fine.On my PC if i logged with 'Marco' don't work (only if i logged with administrator work fine).Can i logged with Marco and shutdown another PC or i must logged only with 'administrator' for solved a problem ?
Imports System
Imports System.Diagnostics
Imports System.Runtime.InteropServ
Module SetPrivilegs
<StructLayout(LayoutKind.S
Private Structure LUID_AND_ATTRIBUTES
Dim Luid As Long
Dim Attributes As Integer
End Structure
<StructLayout(LayoutKind.S
Private Structure TOKEN_PRIVILEGES
Dim PrivilegeCount As Integer
Dim Privilege As LUID_AND_ATTRIBUTES
End Structure
<DllImport("advapi32.dll")
Private Function OpenProcessToken _
(ByVal ProcessHandle As IntPtr, _
ByVal DesiredAccess As Integer, _
ByRef TokenHandle As IntPtr) _
As Boolean
End Function
<DllImport("advapi32.dll")
Private Function LookupPrivilegeValue _
(ByVal lpSystemName As String, _
ByVal lpName As String, _
ByRef lpLuid As Long) _
As Boolean
End Function
<DllImport("advapi32.dll")
Private Function AdjustTokenPrivileges _
(ByVal TokenHandle As IntPtr, _
ByVal DisableAllPrivileges As Boolean, _
ByRef NewState As TOKEN_PRIVILEGES, _
ByVal BufferLength As Integer, _
ByVal PreviousState As IntPtr, _
ByVal ReturnLength As IntPtr) _
As Boolean
End Function
Const TOKEN_QUERY As Integer = &H8
Const TOKEN_ADJUST_PRIVILEGES As Integer = &H20
Const SE_SHUTDOWN_NAME As String = "SeShutdownPrivilege"
Const SE_PRIVILEGE_ENABLED As Integer = &H2
Public Function SetPrivileges() As Boolean
Dim hProc, hToken As IntPtr
Dim luid_Shutdown As Long
Dim tp As New TOKEN_PRIVILEGES
' get the current process's token
hProc = Process.GetCurrentProcess(
hToken = IntPtr.Zero
If Not OpenProcessToken(hProc, TOKEN_ADJUST_PRIVILEGES Or TOKEN_QUERY, hToken) Then
Return False
End If
' get the LUID for the Sutdown privileges (provided it already exist)
luid_Shutdown = 0
If Not LookupPrivilegeValue(Nothi
Return False
End If
tp.PrivilegeCount = 1
tp.Privilege.Luid = luid_Shutdown
tp.Privilege.Attributes = SE_PRIVILEGE_ENABLED
' enable the privileges
If Not AdjustTokenPrivileges(hTok
Return False
End If
Return True
End Function
End Module