?
Solved

Windows 2000/XP/2003: How to add user to Local Security Setting

Posted on 2005-03-03
8
Medium Priority
?
273 Views
Last Modified: 2008-02-01

Hello,

I have setup a service to run as a local user. On 2000/XP/2003, this user must be added into the local security setting "Log on as a Service".

I can do it manually by going thru the Admin Tools. Is there a way to do that using VB6?

Thanks,
0
Comment
Question by:vbdev04
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 3
8 Comments
 
LVL 25

Expert Comment

by:jrb1
ID: 13456298
You can issue an OS command and do it

net localgroup users "username" /add

Won't this work in VB?

Shell("net localgroup users username /add")
0
 

Author Comment

by:vbdev04
ID: 13458204

Using your suggestion I could add the user to specific group. But I could not find the specific net option that will add this user to the local policy "Log on as a Service".

Since this is a one time operation I dont want them to create a group. Creating group and assigning local policy manually will need same manual efforts as assigning policy to the specific user.

Thanks,
0
 

Author Comment

by:vbdev04
ID: 13458284

Increasing points.

When I installed SQL Server, it automatically added me to this policy. So its likely that there is an automated way to assign this policy from an application.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:vbdev04
ID: 13459278

I found this on MS Site. If only I could convert this to VB6
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/managing_account_permissions.asp

void AddPrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle)
{
  LSA_UNICODE_STRING lucPrivilege;
  NTSTATUS ntsResult;

  // Create an LSA_UNICODE_STRING for the privilege name(s).
  if (!InitLsaString(&lucPrivilege, L"SeServiceLogonRight"))
  {
         wprintf(L"Failed InitLsaString\n");
         return;
  }

  ntsResult = LsaAddAccountRights(
    PolicyHandle,  // An open policy handle.
    AccountSID,    // The target SID.
    &lucPrivilege, // The privilege(s).
    1              // Number of privileges.
  );                
  if (ntsResult == STATUS_SUCCESS)
  {
    wprintf(L"Privilege added.\n");
  }
  else
  {
    wprintf(L"Privilege was not added - %lu \n",
      LsaNtStatusToWinError(ntsResult));
  }
}
0
 
LVL 25

Expert Comment

by:jrb1
ID: 13463078
Should be able to do the same with rights:

Shell("Ntrights.exe -u username +r SeServiceLogonRight")
0
 

Author Comment

by:vbdev04
ID: 13463203

This will do it but Do you know whether I can include ntrights.exe with my application distribution?

0
 
LVL 25

Accepted Solution

by:
jrb1 earned 2000 total points
ID: 13463262
It's part of the Server Resource Kit and it's intended for deploying applications.  I don't have the specific licensing details handy, but you'd think it would be allowed.  It is the tool intended for this type of setup.
0
 

Author Comment

by:vbdev04
ID: 13545616

Thanks
0

Featured Post

Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #POC #XenDesktop #vCenter #VMware #ESX
I use more than 1 computer in my office for various reasons. Multiple keyboards and mice take up more than just extra space, they make working a little more complicated. Using one mouse and keyboard for all of my computers makes life easier. This co…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question