Re: How to require a password to stop an NT service?

From: "m" <m@xxx>
Date: Wed, 14 Jun 2006 10:15:22 -0400

yes - you can configure the securty for an arbitry service via a GPO

"Mick" <Mick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:BF1F4932-25BB-4489-8C84-98E776CB81C8@xxxxxxxxxxxxxxxx

Wouldn't it be possible to configure a group or OU policy so that only
certain people (domain admins for instance) can stop the service?

"Slava M. Usov" wrote:

"Mick" <Mick@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:EF7A286B-3A73-492F-8675-1942AC159642@xxxxxxxxxxxxxxxx

Is there a way to configure an NT service so that it can be started
automatically on any user's system, but require an administrator
password
to stop the service?

Our product has several services, all running under the SYSTEM account.
We
want to be able to install them on user's systems so that they start
automatically, but only a network administrator can stop them.

Is this possible? If so, how?

This is automatically the case. A service configured to auto-start will
start no matter who is logged on, and only machine admins and power users
will be able to stop the service. If your users are not members of those
groups directly or indirectly, you needn't do anything.

If they are, you CANNOT do anything, because they will always prevail.

S

Prev by Date: Re: Catching process and displaying in new window, stopping normal display
Next by Date: Re: Threading low performance
Previous by thread: Threading low performance
Next by thread: GetThreadID or NtQueryInformationThread or what?
Index(es):
- Date
- Thread

Relevant Pages

Re: local admin issues
... The built-in local groups (e.g. Administrators, Power Users) are present and have the same SID on all Windows computers. ... Is there a way to prevent domain admins to be removed from the local admins ... browse to the ldomain's Local Admin Users Group and add it to the local XP machine's groups and choose Administrators ...
(microsoft.public.windows.server.active_directory)
Re: POP client fail authentication
... you set up the new users as Domain admins and Domain ... Power Users? ... This seems a bit of a security issue. ... Merv Porter [SBS-MVP] ...
(microsoft.public.windows.server.sbs)
Re: User forced Logoff remotely
... Well if they are all Domain Admins, ... I think if they are power users, ... permission for remote shut down. ... I know he's logging them off, but the way I found out you ...
(microsoft.public.win2000.general)
Re: How to require a password to stop an NT service?
... certain people (domain admins for instance) can stop the service? ... "Slava M. Usov" wrote: ... >> automatically on any user's system, but require an administrator password ... > start no matter who is logged on, and only machine admins and power users ...
(microsoft.public.win32.programmer.kernel)
Re: How to set Send As permissions
... Your network administrator makes a change to your account in Active ... Microsoft Outlook Programming - Jumpstart for ... Administrators, Power Users, and Developers ...
(microsoft.public.outlook.general)