Link to home
Start Free TrialLog in
Avatar of lgropper
lgropper

asked on

user does not have permission to start service

I'm trying to lock down a PC that has windows XP Pro running and is not on a domain.

the issue im having is trying to allow specific users to have access to run specific services. IE: DHCP, DNS and pcAnywhere.

ive also tried to use the "LOGON" feature and that doesnt work and i cant seem to find/locate the policy to allow this.

please help



Avatar of Jay_Jay70
Jay_Jay70
Flag of Australia image
Hi lgropper,

you can or you cant start the services

you do want to be able to or dont

Cheers!
Avatar of lgropper
lgropper

ASKER

i cant
Avatar of lgropper
lgropper

ASKER

i cant start the services as a user and i need to be able to start them. either selected services or all.
ASKER CERTIFIED SOLUTION
Avatar of Walter Padrón
Walter Padrón
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of lgropper
lgropper

ASKER

thank you, i read the  documentation you provided.

i cant seem to find the syntax to use to change the values.

IE: DHCP is as follows:

D:(A;;CCLCSWLOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;NO)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)

How do i change (A;;CCLCSWLOCRRC;;;AU) to (A;;CCLCSWRPWPDTLOCRRC;;;AU)

but keeping all the rest of the values intact?
Avatar of lgropper
lgropper

ASKER

ADDITION TO THE ABOVE:

i ran SC SDSET DHCP D:(A;;CCLCSW*RPWPDT*LOCRRC;;;AU)(A;;CCLCSWRPWPDTLOCRRC;;;NO)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPDTLOCRRC;;;SY)

** = my addition

and when i log in as on of the users i'm getting an " ERROR 1079: The account specified for this service is different from the account specified for other services running the in the same process."

i'm not sure why this is. all the users are under the USER group. so wouldnt my changes work for AUTHENTICATED USERS?

PLEASE HELP