EDN Admin
Well-known member
I have a Windows Service that needs to start other processes under a user context other than that used by the service. Ive seen other posts related to this but have seen no resolution. Ive tried many things and have been unsuccessful in starting the process from a Windows Service when a username, password is supplied. I need help to get this working as its a requirement of our system to do this and it worked fine until recently and only fails on Vista and Windows 7 (works on XP).
The following code is used to start the process.
Dim P As New Process
P.StartInfo.Domain = Domain
P.StartInfo.UserName = UserId
Dim Pwd As New System.Security.SecureString
Dim Pw() As Char
Pw = Password.ToCharArray()
For Each C As Char In Pw
Pwd.AppendChar(C)
Next C
Pwd.MakeReadOnly()
P.StartInfo.Password = Pwd
P.StartInfo.FileName = FileName
P.StartInfo.Arguments = ""
P.StartInfo.LoadUserProfile = True
P.StartInfo.WorkingDirectory = WorkingDir
P.StartInfo.UseShellExecute = False
P.StartInfo.CreateNoWindow = True
P.Start()
This code has been tested from a Windows application and works fine. It will start the indicated application under whatever user context is supplied. When run from a Windows Service, however, the first error was "Access is denied.". I got past this error by changing the account that the service runs under. Depending on the account the service runs under, I get other errors.
When running the service under NT AUTHORITYNetworkService (and others), the service appears to start the process but the application fails with a 0xC0000142 error. When I run the service under one of the domain accounts, it works to start a process with the same account but when another account is selected, the process fails.
I saw a post about setting the DACL on the WindowStation and the Desktop so I decided to try that and promptly got "System.SystemException: The trust relationship between the primary domain and the trusted domain failed.".
Ive been beating on this for a couple of days now and havent found any way to make this work. It seems like something that should be pretty simple. Im providing credentials that are valid for logging into the system and Im providing a valid EXE to execute. It works properly when initiated from a windows application but I cant get this to work from a Windows service. Any thoughts would be appreciated.Ken Beccard, Sungard Relius
View the full article
The following code is used to start the process.
Dim P As New Process
P.StartInfo.Domain = Domain
P.StartInfo.UserName = UserId
Dim Pwd As New System.Security.SecureString
Dim Pw() As Char
Pw = Password.ToCharArray()
For Each C As Char In Pw
Pwd.AppendChar(C)
Next C
Pwd.MakeReadOnly()
P.StartInfo.Password = Pwd
P.StartInfo.FileName = FileName
P.StartInfo.Arguments = ""
P.StartInfo.LoadUserProfile = True
P.StartInfo.WorkingDirectory = WorkingDir
P.StartInfo.UseShellExecute = False
P.StartInfo.CreateNoWindow = True
P.Start()
This code has been tested from a Windows application and works fine. It will start the indicated application under whatever user context is supplied. When run from a Windows Service, however, the first error was "Access is denied.". I got past this error by changing the account that the service runs under. Depending on the account the service runs under, I get other errors.
When running the service under NT AUTHORITYNetworkService (and others), the service appears to start the process but the application fails with a 0xC0000142 error. When I run the service under one of the domain accounts, it works to start a process with the same account but when another account is selected, the process fails.
I saw a post about setting the DACL on the WindowStation and the Desktop so I decided to try that and promptly got "System.SystemException: The trust relationship between the primary domain and the trusted domain failed.".
Ive been beating on this for a couple of days now and havent found any way to make this work. It seems like something that should be pretty simple. Im providing credentials that are valid for logging into the system and Im providing a valid EXE to execute. It works properly when initiated from a windows application but I cant get this to work from a Windows service. Any thoughts would be appreciated.Ken Beccard, Sungard Relius
View the full article