vbdev04
asked on
Windows 2000/XP/2003: How to add user to Local Security Setting
Hello,
I have setup a service to run as a local user. On 2000/XP/2003, this user must be added into the local security setting "Log on as a Service".
I can do it manually by going thru the Admin Tools. Is there a way to do that using VB6?
Thanks,
ASKER
Using your suggestion I could add the user to specific group. But I could not find the specific net option that will add this user to the local policy "Log on as a Service".
Since this is a one time operation I dont want them to create a group. Creating group and assigning local policy manually will need same manual efforts as assigning policy to the specific user.
Thanks,
ASKER
Increasing points.
When I installed SQL Server, it automatically added me to this policy. So its likely that there is an automated way to assign this policy from an application.
ASKER
I found this on MS Site. If only I could convert this to VB6
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/managing_account_permissions.asp
void AddPrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle)
{
LSA_UNICODE_STRING lucPrivilege;
NTSTATUS ntsResult;
// Create an LSA_UNICODE_STRING for the privilege name(s).
if (!InitLsaString(&lucPrivil
{
wprintf(L"Failed InitLsaString\n");
return;
}
ntsResult = LsaAddAccountRights(
PolicyHandle, // An open policy handle.
AccountSID, // The target SID.
&lucPrivilege, // The privilege(s).
1 // Number of privileges.
);
if (ntsResult == STATUS_SUCCESS)
{
wprintf(L"Privilege added.\n");
}
else
{
wprintf(L"Privilege was not added - %lu \n",
LsaNtStatusToWinError(ntsR
}
}
Should be able to do the same with rights:
Shell("Ntrights.exe -u username +r SeServiceLogonRight")
Shell("Ntrights.exe -u username +r SeServiceLogonRight")
ASKER
This will do it but Do you know whether I can include ntrights.exe with my application distribution?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks
net localgroup users "username" /add
Won't this work in VB?
Shell("net localgroup users username /add")