Windows Server 2003 SYSTEM Account

Collapse
This topic is closed.
X
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • Simon Hart
    #1

    Windows Server 2003 SYSTEM Account

    Hi,

    I have written a Windows Service component in C# which manages processes on
    the server. The code is required to terminate these processes when they
    timeout. The Windows Service runs under the SYSTEM account. I check in code
    whether the user belongs to the Administrators group using the
    WindowsPrincipl e class which it does. When it comes to terminating the
    processes using the Process class, I am not able to terminate the processes.
    If I restart the service to run under the local Administrator's account, I
    am able to terminate the processes? It doesn't really make any sense as both
    users are part of the Administrators group.

    Windows Server 2003 runs SP1, .NET 1.1.
    Any ideas?
    Cheers
    Simon.


    Tags: None
    • Simon Hart
      #2
      Re: Windows Server 2003 SYSTEM Account

      Update:

      It turns out this is happening on one Windows 2003 Server machine.

      I have tested this on my Virtual PC and it works!?!

      Regards
      Simon.

      "Simon Hart" <srhartone@[no spam]yahoo.com> wrote in message
      news:ums73gpRGH A.5500@TK2MSFTN GP12.phx.gbl...[color=blue]
      > Hi,
      >
      > I have written a Windows Service component in C# which manages processes
      > on the server. The code is required to terminate these processes when they
      > timeout. The Windows Service runs under the SYSTEM account. I check in
      > code whether the user belongs to the Administrators group using the
      > WindowsPrincipl e class which it does. When it comes to terminating the
      > processes using the Process class, I am not able to terminate the
      > processes. If I restart the service to run under the local Administrator's
      > account, I am able to terminate the processes? It doesn't really make any
      > sense as both users are part of the Administrators group.
      >
      > Windows Server 2003 runs SP1, .NET 1.1.
      > Any ideas?
      > Cheers
      > Simon.
      >[/color]


        Comment

        • Willy Denoyette [MVP]
          #3
          Re: Windows Server 2003 SYSTEM Account


          "Simon Hart" <srhartone@[no spam]yahoo.com> wrote in message
          news:ums73gpRGH A.5500@TK2MSFTN GP12.phx.gbl...
          | Hi,
          |
          | I have written a Windows Service component in C# which manages processes
          on
          | the server. The code is required to terminate these processes when they
          | timeout. The Windows Service runs under the SYSTEM account. I check in
          code
          | whether the user belongs to the Administrators group using the
          | WindowsPrincipl e class which it does. When it comes to terminating the
          | processes using the Process class, I am not able to terminate the
          processes.
          | If I restart the service to run under the local Administrator's account, I
          | am able to terminate the processes? It doesn't really make any sense as
          both
          | users are part of the Administrators group.
          |
          | Windows Server 2003 runs SP1, .NET 1.1.
          | Any ideas?
          | Cheers
          | Simon.
          |
          |

          SYSTEM is a pseudo account, it doesn't really exists in the account
          database, so considering it a member of Administrators is not correct.
          In order to be able to kill another process, the caller needs the
          "SeDebugPrivile ge", "Administrators " do have this privilege by default. So
          if you wan't to be able to kill other processes, you have to add SYSTEM to
          the "Debug programs" entry in Local Security Settings - Local Policies -
          User Rights Assignment, or you have to enable this privilege from code
          (through PInvoke).

          Willy.


            Comment

            Previous template Next
            Working...