Re: Windows 2003 Security

I got this figured out, fyi.  I had to use the LogonUser, and
CreateProcessAsUser API's to execute a program as another user.  It
still requires you to know the other user's domain, profile and pwd, but
that was not a problem for this situation.

-----Original Message-----
From: pctech-bounces@xxxxxxxxxxxx [mailto:pctech-bounces@xxxxxxxxxxxx]
On Behalf Of Walden H. Leverich
Sent: Thursday, October 12, 2006 10:32 AM
To: PC Technical Discussion for iSeries Users
Subject: Re: [PCTECH] Windows 2003 Security

I have a socket server program running on a Windows 2003 server.

By "server program" do you mean it's running as a service?

Is there a way (say a DOS command or other windows command 
or API) that I can run from my socket server program to allow 
me to log on first and then run my exe file?

You could always start a windows session and run in that session, but
that would be like writing remote control software -- why do it? Tell me
about this .exe, does it expect to interact w/the desktop? Or is it just
a batch-style program?

2.     Barring that, is there a way to have Win 2003 server ignore 
The authority issue for a specific *.exe or API?

Hmmm, is there a way to tell OS/400 to ignore the fact that I'm not
authorized to a file? <G> Seriously, there are two steps you should go
through here. First, look in the security event log, if you've got
failure auditing turned on (you do, don't you?) then you should see an
event if this is indeed a lack-of-security issue. Then second, grant the
necessary security to the right user.

-Walden