#StackBounty: #powershell #cmd.exe #windows-server #windows-services A privilege that the service requires to start doesn't exist i…

Bounty: 50

Using CarbonDLLs and sc config I am able to grant the user Logon As Service rights and also able to add the user as the Services’ Log on as account.

Previously I was getting Logon Failure but after using carbon and powershell script I was able to remove that error by granting Logon as Service permission to the account.

But now when I start the service I get the following error:

A privilege that the service requires to start does not exist in the Service Account....

For Service Account I’m using a user account from AD which is also added as a Local Administrator on the server on which I am changing the services’ log on as account.

For testing I was changing the Logon As Account of Themes service which by default runs under the Local System Account. I don’t want to run it under Local System but under the Account Ive assigned


Get this bounty!!!

#StackBounty: #c# #installation #permissions #windows-services #user-accounts How to programatically grant a virtual user permission to…

Bounty: 50

I have a service that I wrote that I need to deploy to a number (about 1100) devices. All of these devices are logged in as a regular user, not an administrator.

I can push out the service with our deployment software, which does run as an admin. Our security team does not want this service to run on the Local System account (for obvious reasons). What I’ve come up with is that the service will install as the Local System, but will then change it’s log in account to a virtual user, which then needs access to a folder in Program Files (x86).

What I’ve found is that if I install the service (using remote admin access) via the command line, I can install the service, but it won’t start.

When I look in the event logs, I get an UnauthorizedAccessException error.

This I suspect is because the service is already running under the virtual user which doesn’t have access to start the service. So how can I get around this?

In the main class for the service, I have this method, which is supposed to give the user access to the necessary folder:

    private void GiveDirectoryAccess(string dir, string user)
    {
        try
        {
            DirectoryInfo directoryInfo = new DirectoryInfo(dir);
            DirectorySecurity ds = directoryInfo.GetAccessControl();
            ds.AddAccessRule(new FileSystemAccessRule(user, FileSystemRights.FullControl,
                InheritanceFlags.ObjectInherit | InheritanceFlags.ContainerInherit, PropagationFlags.NoPropagateInherit, AccessControlType.Allow));
            directoryInfo.SetAccessControl(ds);
        }
        catch (Exception e)
        {
            SimpleLog.Log(e);
            throw;
        }

    }

This is called right after the service is initialized:

    public CheckRALVersionService()
    {
        InitializeComponent();
        // Give directory access
        string alhadminPath = System.IO.Path.Combine(pathToFolder, alhadmin);
        GiveDirectoryAccess(alhadminPath, serviceUser);
        string exeName = System.IO.Path.GetFileName(fullExeNameAndPath);
        string tmppath = System.IO.Path.Combine(localdir, tmp);
        SimpleLog.SetLogFile(logDir: tmppath, prefix: "debout." + exeName + "_", extension: "log");
        watcher = new DirectoryWatcher(pathToFolder, alhadmin);
    }

Then, in the ProjectInstaller class, I am changing the user to the virtual user in the serviceInstaller1_Committed method:

    void serviceInstaller1_Committed(object sender, InstallEventArgs e)
    {
        using (ManagementObject service = new ManagementObject(new ManagementPath("Win32_Service.Name='RalConfigUpdate'")))
        {
            object[] wmiParams = new object[11];
            wmiParams[6] = @"NT ServiceRalConfigUpdate";
            service.InvokeMethod("Change", wmiParams);
        }
    }

Do I need a helper service to give the access? Can what I want to do be done all within this service?

Thanks in advance.


Get this bounty!!!

#StackBounty: #c# #.net #rest #http #windows-services Https calls are not connecting to server

Bounty: 200

I am working on Windows Service in visual studio 2017. In the rest api’s call, getting exceptions while debugging code. Sometimes first 2 3 calls working after that getting exceptions.

System.Net.WebException: ‘The remote server returned an error: (503)
Server Unavailable.’

The remote server returned an error: (429)

Unable to connect to the remote server

When calling same api’s from Postman, getting response successfully.

This is my code

private void timer1_Tick(object sender, ElapsedEventArgs e)
{
    WriteToFile("timer1_Tick method called..");
try
{
    string jsonString = "";
    string jsonstring2 = "";
    string prodfetchurl = HOST;
    var req = WebRequest.Create(prodfetchurl) as HttpWebRequest;
    req.Method = "GET";
    InitializeRequest(req);
    req.Accept = MIME_TYPE;
    //System.Threading.Thread.Sleep(5000);
    var response = (HttpWebResponse)req.GetResponse();
    WriteToFile("First service called...");
    if (response.StatusCode == HttpStatusCode.OK)
    {
        Stream responseStream = response.GetResponseStream();
        StreamReader responseReader = new StreamReader(responseStream);
        jsonString = responseReader.ReadToEnd();
    }
    var deserialsseobj = JsonConvert.DeserializeObject<ProductList>(jsonString).Products.Where(i => i.Failed > 0).ToList();
    foreach (var a in deserialsseobj)
    {
        var pid = a.ID;
        string url = FailedDevicesUrl + pid.Value + "/failed";
        var req2 = WebRequest.Create(url) as HttpWebRequest;
        req2.Method = "GET";
        InitializeRequest(req2);

        req2.Timeout = 300000;
        req2.Accept = MIME_TYPE;
        var response1 = (HttpWebResponse)req2.GetResponse();
        Stream responsestream2 = response1.GetResponseStream();
        WriteToFile("Second service called...");
        if (response1.StatusCode == HttpStatusCode.OK)
        {
            StreamReader responsereader1 = new StreamReader(responsestream2);
            jsonstring2 = responsereader1.ReadToEnd();
        }

        var output = JsonConvert.DeserializeObject<List<FailedDeviceList>>(jsonstring2);  // Will get List of the Failed devices
        List<int> deviceids = new List<int>();
        Reprocessdata reproc = new Reprocessdata();
        Reprocessdata.DeviceId rprod = new Reprocessdata.DeviceId();

        reproc.ForceFlag = true;
        reproc.ProductID = pid.Value;
        foreach (var dd in output)
        {
            rprod.ID = dd.DeviceId;
            reproc.DeviceIds.Add(rprod);
        }

        // Reprocess the Product in Devices
        var req3 = WebRequest.Create(ReprocessUrl) as HttpWebRequest;
        req3.Method = "POST";
        InitializeRequest(req3);
        req3.Accept = MIME_TYPE;
        req3.Timeout = 300000;
        req3.ContentType = "application/json";
        using (StreamWriter writer = new StreamWriter(req3.GetRequestStream()))
        {
            string json = new JavaScriptSerializer().Serialize(reproc);

            writer.Write(json);
            writer.Close();
        }
        System.Threading.Thread.Sleep(5000);
        var response5 = (HttpWebResponse)req3.GetResponse();
        WriteToFile("Third service called...");
        if (response5.StatusCode == HttpStatusCode.OK)
        {
            string result;
            using (StreamReader rdr = new StreamReader(response5.GetResponseStream()))
            {
                result = rdr.ReadToEnd();
            }
        }
    }
    response.Close();
}
catch (Exception ex)
{
    WriteToFile("Simple Service Error on: {0} " + ex.Message + ex.StackTrace);
}
}

Methods used in above code

protected override void OnStart(string[] args)
{
    base.OnStart(args);
    timer1 = new System.Timers.Timer();
    timer1.Interval = 60000; //every 1 min
    timer1.Elapsed += new System.Timers.ElapsedEventHandler(timer1_Tick);
    timer1.Enabled = true;
    WriteToFile("Service has started..");
}

public void InitializeRequest(HttpWebRequest request)
{
    request.Headers.Add("aw-tenant-code", API_TENANT_CODE);
    request.Credentials = new NetworkCredential(USER_NAME, PASSWORD);
    request.KeepAlive = false;
    request.AddRange(1024);
}

When I contacted service provide they said everything fine from there side. Is this my code is buggy or windows service not reliable? How can I fix this issue?

Note: All APIS are working fine from Angular application using Visual Studio Code. It means my code is not working.


Get this bounty!!!

#StackBounty: #c++ #winapi #windows-services How to check that the current process is running as Windows Service using WinAPI functions?

Bounty: 50

I have a program that can be run as a simple console application or can be registered as Windows Service. I want to detect in main() function the current running context:

#include <windows.h>

BOOL IsWindowsService()
{
    ???
}

int main(int argc, char** argv)
{
    if (IsWindowsService())
    {
        // Running as Windows Service...
        RunService();
        return;
    }

    // Running as console application...    
    return 0;
}

Can you help me with a possible implementation of IsWindowsService() function?


Get this bounty!!!