Using ServiceController to remotely administer windows services


T

Tony201

Hi All,

I have an application that uses ASP.NET to control windows services on
various remote windows 2003 servers. Furthermore the application queries an
SQL Server database using integrated authentication. I have setup a domain
user to run my app pool for this application and setup constrained delegation
to allow integrated authentication for SQL Server. All works well on my
development XP machine and when I move the application to the server, SQL
Server access is fine but I get an error when I try to query the services.
However, when I turn impersonation off in web.config, SQL Server access fails
(as expected) but querying windows services works (NOTE: that my app pool
account is admin on all servers concerned so permission shouldn't be an
issue).

My question is
Is it possible to impersonate a user to control a service on a remote machine?
If so, do I need to setup an SPN for this or do some other configuration?
If I need to setup an SPN, what is the service type of the Service
Controller Manager and what account do I need to setup this SPN for?

Error message when impersonation is turned on
[Win32Exception (0x80004005): Access is denied]

[InvalidOperationException: Cannot open Service Control Manager on computer
'serverxxxx'. This operation might require other privileges.]

System.ServiceProcess.ServiceController.GetDataBaseHandleWithAccess(String
machineName, Int32 serviceControlManaqerAccess) +35775

System.ServiceProcess.ServiceController.GetDataBaseHandleWithEnumerateAccess(String machineName) +9
System.ServiceProcess.ServiceController.GetServicesOfType(String
machineName, Int32 serviceType) +143
System.ServiceProcess.ServiceController.GetServices(String machineName) +9
AutonomyAdmin.test.test2() +400
AutonomyAdmin.test.Page_Load(Object sender, EventArgs e) +137
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
System.Web.UI.Page.ProcessRequestMain(Boolean
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627



Code used to query Windows Services
private void test1()
{
BoundColumn serviceName = new BoundColumn();
serviceName.DataField = "displayName";
serviceName.HeaderText = "Service Name";
serviceName.ItemStyle.CssClass = autnCssConstants.cssServerColumn;

//Initialise datagrid
DataGrid dGrid = new DataGrid();
dGrid.CssClass = autnCssConstants.cssDatabaseTable;
dGrid.EnableViewState = false;
dGrid.HeaderStyle.CssClass =
autnCssConstants.cssDatabaseTableHeader;
dGrid.AlternatingItemStyle.CssClass =
autnCssConstants.cssAlternateRow;
dGrid.AutoGenerateColumns = false;

//Add columns
dGrid.Columns.Add(serviceName);

//Bind data
dGrid.DataSource = ServiceController.GetServices("serverxxxx");
dGrid.DataBind();
this.form1.Controls.Add(dGrid);
}
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top