Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

Windows 2000/XP/2003: How to add user to Local Security Setting

Posted on 2005-03-03
8
Medium Priority
?
279 Views
Last Modified: 2008-02-01

Hello,

I have setup a service to run as a local user. On 2000/XP/2003, this user must be added into the local security setting "Log on as a Service".

I can do it manually by going thru the Admin Tools. Is there a way to do that using VB6?

Thanks,
0
Comment
Question by:vbdev04
  • 5
  • 3
8 Comments
 
LVL 25

Expert Comment

by:jrb1
ID: 13456298
You can issue an OS command and do it

net localgroup users "username" /add

Won't this work in VB?

Shell("net localgroup users username /add")
0
 

Author Comment

by:vbdev04
ID: 13458204

Using your suggestion I could add the user to specific group. But I could not find the specific net option that will add this user to the local policy "Log on as a Service".

Since this is a one time operation I dont want them to create a group. Creating group and assigning local policy manually will need same manual efforts as assigning policy to the specific user.

Thanks,
0
 

Author Comment

by:vbdev04
ID: 13458284

Increasing points.

When I installed SQL Server, it automatically added me to this policy. So its likely that there is an automated way to assign this policy from an application.
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 

Author Comment

by:vbdev04
ID: 13459278

I found this on MS Site. If only I could convert this to VB6
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secmgmt/security/managing_account_permissions.asp

void AddPrivileges(PSID AccountSID, LSA_HANDLE PolicyHandle)
{
  LSA_UNICODE_STRING lucPrivilege;
  NTSTATUS ntsResult;

  // Create an LSA_UNICODE_STRING for the privilege name(s).
  if (!InitLsaString(&lucPrivilege, L"SeServiceLogonRight"))
  {
         wprintf(L"Failed InitLsaString\n");
         return;
  }

  ntsResult = LsaAddAccountRights(
    PolicyHandle,  // An open policy handle.
    AccountSID,    // The target SID.
    &lucPrivilege, // The privilege(s).
    1              // Number of privileges.
  );                
  if (ntsResult == STATUS_SUCCESS)
  {
    wprintf(L"Privilege added.\n");
  }
  else
  {
    wprintf(L"Privilege was not added - %lu \n",
      LsaNtStatusToWinError(ntsResult));
  }
}
0
 
LVL 25

Expert Comment

by:jrb1
ID: 13463078
Should be able to do the same with rights:

Shell("Ntrights.exe -u username +r SeServiceLogonRight")
0
 

Author Comment

by:vbdev04
ID: 13463203

This will do it but Do you know whether I can include ntrights.exe with my application distribution?

0
 
LVL 25

Accepted Solution

by:
jrb1 earned 2000 total points
ID: 13463262
It's part of the Server Resource Kit and it's intended for deploying applications.  I don't have the specific licensing details handy, but you'd think it would be allowed.  It is the tool intended for this type of setup.
0
 

Author Comment

by:vbdev04
ID: 13545616

Thanks
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Sometimes a user will call me frantically, explaining that something has gone wrong and they have tried everything (read - they have messed it up more and now need someone to clean up) and it still does no good, can I help them?!  Usually the standa…
Windows 7 does not have the best desktop search built in. This is something Windows 7 users have struggled with. You type something in, and your search results don’t always match what you are looking for, or it doesn’t actually work at all. There ar…
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…
Hi friends,  in this video  I'll show you how new windows 10 user can learn the using of windows 10. Thank you.
Suggested Courses

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question