-
August 20th, 2009, 10:41 AM
#1
[RESOLVED] Executing a InitiateSystemShutdown() from a service running as Local System
We have this computer management tool that runs as a service, which runs as Local System. I have been asked, to write something that will enable some administrators to shut down a bunch of computers at some designated time. I think this is a bad idea, but my opinion in this matter is not being asked.
The InitiateSystemShutdown Function requires the SE_SHUTDOWN_NAME privilege.
Local System Account has this privilege, but it is disabled.
I have been reading the API stuff on AdjustTokenPrivileges Function, but I am getting a bit confused.
I am confused on two fronts. The first is, do I have all the privileges to enable the SE_SHUTDOWN_NAME privilege on "Local System".
The next is, how do I do that? I am not sure how to get the current process access token. Furthermore, my experience with tokens is to get a token, and then to "CreateProcessWithTokenW".
What is different here is that I want to affect the current token I am running under to execute an API call I am not normally allowed to call.
To make it harder, I can't debug and test very well because I am not running as Local System. Admin users can shut down the system, so that would succeed for me if I were trying to test.
If anyone has some code snippets I can build around, I would greatly appreciate it.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|