I’m currently running Vista and I would like to manually complete the same operations as my Windows Service. Since the Windows Service is running under the Local System Account, I would like to emulate this same behavior. Basically, I would like to run CMD.EXE under the Local System Account. (By the way, it’s fair to question why my Windows Service is running with elevated permissions. Generally, it’s not a good practice, but anyway…
Strike 1:
I found information online which suggests lauching the CMD.exe using the DOS Task Scheduler AT command. Here’s a sample command:
AT 12:00 /interactive cmd.exe
I gave it a shot but I received a Vista warning that “due to security enhancements, this task will run at the time excepted but not interactively.”
It turns out that this approach will work for XP, 2000 and Server 2003 but due to session 0 isolation Interactive services no longer work on Windows Vista and Windows Server 2008.
Strike 2:
Another solution suggested creating a secondary Windows Service via the Service Control (sc.exe) which merely launches CMD.exe.
C:\sc create RunCMDAsLSA binpath= "cmd" type=own type=interactC:\sc start RunCMDAsLSAIn this case the service fails to start and results it the following error message:
FAILED 1053: The service did not respond to the start or control request in a timely fashion.
Strike 3:
The third suggestion was to launch CMD.exe via a Scheduled Task. Though you may run scheduled tasks under various accounts, I don’t believe the Local System Account is one of them. I’ve tried using the Runas as well, but think I’m running into the same restriction as found when running a scheduled task.
Not Out Yet:
Fortunately, I came across this article which demonstrates the use of PSTools from SysInternals which was acquired by Microsoft in July, 2006. I launched the command line and issued the following statement and suddenly I was running under the Local System Account like magic:
psexec -i -s cmd.exePSTools worked great. It’s a lightweight, well-documented set of tools which provided an appropriate solution to my problem.
Updated 01/09/2008: Changed “Local Admin Account” to “Local System Account” in final paragraph. My goof.
Ben,
Glad you enjoyed my article that you linked to above. I noticed the traffic coming from your post and just wanted thank you for the link.
Jarvis
~ The Verbal Processor
Great article, however I was confused when reading the conclusion to your article. In the last paragraph you said “I was running under the Local Admin Account like magic”. You mean cmd.exe ran under SYSTEM or Administrator privileges? Technically speaking, Local Admin is the same as the Administrator account. Sorry for being picky but I rather just ask.
Great work!
Yikes. Thanks for calling this out, Elmar. The paragraph should have read “Local System Account.” I will update and thanks for keeping me honest.
[...] Oppalfens linked me to Ben Griswold (JohnnyCoders) blog on how to make it happen. Definitly worth a read. by Rob – MVP Filed under: CMD, [...]
[...] Oppalfens linked me to Ben Griswold (JohnnyCoders) blog on how to make it happen. Definitly worth a [...]
I am Ephrem From ethiopia
Thanks
And I have some tag
type your…
Type your…
Type your…
I am Shinda from Uganda
Thanks
And I have some tag too
type your…
Type your…
Type your…
Don’t listen to Ephrem, he is crazy ethiopian
Hello Ben,
Thanks for the tip.
It also works for other local account without giving their passwords:
psexec -i -u “nt authority\network service” cmd.exe
Best regards,
Peter
You can wrap your code with
or
blocks for syntax highlighting and you can use these traditional tags:
Maybe somebody know how to run/install program exe under local system account if you don’t know admin password? Thanks.
PSTools is working great, but ask me admin pwd.
Hi,
Just wanted to say Thanks, it worked well.
Thanks,
http://wikis.esri.com/wiki/display/~sewedsaw [url=http://wikis.esri.com/wiki/display/~sewedsaw]tramadol delivered overnight [/url] http://www.formspring.me/sewedsawsewed [url=http://www.formspring.me/sewedsawsewed]buy soma cheap cod [/url] http://www.gameinformer.com/me.....fault.aspx [url=http://www.gameinformer.com/members/pewklord/default.aspx]should you taper off tramadol [/url] http://www.formspring.me/pewklord [url=http://www.formspring.me/pewklord]soma cod orders only [/url] http://www.gameinformer.com/me.....fault.aspx [url=http://www.gameinformer.com/members/wenkopad/default.aspx]buy online pharmacy soma [/url] http://www.amiando.com/MLVOFSP [url=http://www.amiando.com/MLVOFSP]prescription tramadol without [/url] http://www.freakyvidz.com/read.....t-delivery [url=http://www.freakyvidz.com/read_blog/2271/cheap-trazodone-online-overnight-delivery]Trazodone cod overnight [/url] http://www.edmondmom.com/meikolet [url=http://www.edmondmom.com/meikolet]cheap cialis online [/url] http://kenai.com/projects/pred.....pages/Home [url=http://kenai.com/projects/prednisone3e4r/pages/Home]Prednisone medicine [/url] http://www.amiando.com/RXHSIIX [url=http://www.amiando.com/RXHSIIX]cheap soma online [/url]
How can I copyright all original content current and future on my website?
nevertheless an exciting post in your site, I will have the ability to use this info in my work. sorry for your superior of my english language, i am french