I know that you can stop services with the SC command, but that requires Admin rights on the target machine. I have used the SC SDSET command to modify the SDDL set for the service in question. Now I have it so that the non-admin user can stop and start the service locally. This command will not work remotely. User VPN's into the netowrk and I have tried several combinations to use the SC Stop command and always get Access is Denied. I tested it locally by giving the user account Logon Locally, and the user can only stop/start the 2 services that I modified, but cannot do it remotely.
Tried creating scripts that would run the SC Stop command on the remote Server, but is being accessed via a share and therefore seems to detect that the command is not local. I have tried a local (to the VPN user's PC) script that calls a script on the remote Server that runs the SC Stop command and it still fails.
What am I missing?