Remote OpenSCManager fails with access denied

Problem description

I am attempting to control a service on a remote machine using the following code:

// Error checking omitted for brevity
HANDLE hToken = NULL;
// user = username with no domain specification
// domain = targetmachine when targeting computer outside of domain
LogonUser(user, domain, password,
    LOGON32_LOGON_NEW_CREDENTIALS, LOGON32_PROVIDER_WINNT50, &hToken);

ImpersonateLoggedOnUser(hToken);

SC_HANDLE hSc = OpenSCManager(targetmachine,
                    SERVICES_ACTIVE_DATABASE, SC_MANAGER_ALL_ACCESS);

This works fine when run from a computer within our local domain and targeting a machine on the same domain, both when using the credentials from the currently logged on user as well as when using other credentials.

However, when I attempt to target a machine that is not on any domain, the OpenSCManager call fails with access denied if I specify anything other than SC_MANAGER_CONNECT as the desired access. Targeting a domain computer from a computer that is outside the domain works (using user/domain/password combination for a domain user that is a local administrator on the target machine). Targeting a computer outside the domain from a computer outside the domain does not work.

The user/password is for a member of the administrator group on the target computer, so there should not be a problem with the account rights.

I've checked the scmanager security descriptor using sc -sdshow scmanager and it is identical for the domain computer and the non-domain computer. Both are running Windows 7 64-bit.

I've also tested using psexec, which has the same symptoms, i.e. it works fine between domain computers but not when targeting a non-domain computer.

I have also tested disabling RPC over TCP on the target machine and rebooting it, as this is described as a possible cause for access denied errors, but this does not appear to help. I've also tested disabling the Windows Firewall on the target machine, but no change.

Is there some setting that needs to be enabled for remote configuration of services to work?

Recommended answer

It appears that this was caused by new security features from Windows Vista and above. By default, Windows will not grant remotely connecting users full administrator rights unless it is being done within a domain. So in order for this to work, User Account Control Remote Restrictions need to be turned off, but of course this will also lower the security of your computer.

Thanks to Hans Passant for recommending to check for similar issues posted on serverfault.com.
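
Since turning off UAC remote restrictions weakens the machine, it is worth being able to audit which hosts have had it done. The following is an added example, not part of the original question or answer. It assumes PowerShell 3.0 or later run locally on the machine being checked; the function name is hypothetical, and the registry value name `LocalAccountTokenFilterPolicy` does not appear on this page but is the one Microsoft documents for this setting.

```powershell
# Added example: report whether UAC remote restrictions are in effect locally.
# Get-UacRemoteRestrictionState is a hypothetical name chosen for this example.
function Get-UacRemoteRestrictionState {
    [CmdletBinding()]
    param()

    # Registry location documented by Microsoft for UAC remote restrictions
    # (assumption: not taken from the page itself).
    $key  = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    $name = 'LocalAccountTokenFilterPolicy'

    # A missing value behaves like 0: restrictions are on (the default).
    $value = 0
    $props = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
    if ($null -ne $props) { $value = [int]$props.$name }

    # The restriction affects local accounts connecting over the network, so
    # workgroup machines (PartOfDomain = False) are where it is usually noticed.
    $cs = Get-CimInstance -ClassName Win32_ComputerSystem

    if ($value -eq 1) {
        $finding = 'Remote restrictions OFF: local administrators receive full rights over the network.'
    } else {
        $finding = 'Remote restrictions ON (default): remote local administrators do not receive full rights.'
    }

    [pscustomobject]@{
        ComputerName         = $env:COMPUTERNAME
        PartOfDomain         = [bool]$cs.PartOfDomain
        TokenFilterPolicy    = $value
        RemoteRestrictionsOn = ($value -ne 1)
        Finding              = $finding
    }
}

Get-UacRemoteRestrictionState | Format-List
```

A host reporting `RemoteRestrictionsOn : False` has had the default protection removed and should have a documented reason for it.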
