Using ServiceController to remotely administer windows services



Hi All,

I have an application that uses ASP.NET to control windows services on
various remote windows 2003 servers. Furthermore the application queries an
SQL Server database using integrated authentication. I have setup a domain
user to run my app pool for this application and setup constrained delegation
to allow integrated authentication for SQL Server. All works well on my
development XP machine and when I move the application to the server, SQL
Server access is fine but I get an error when I try to query the services.
However, when I turn impersonation off in web.config, SQL Server access fails
(as expected) but querying windows services works (NOTE: that my app pool
account is admin on all servers concerned so permission shouldn't be an

My question is
Is it possible to impersonate a user to control a service on a remote machine?
If so, do I need to setup an SPN for this or do some other configuration?
If I need to setup an SPN, what is the service type of the Service
Controller Manager and what account do I need to setup this SPN for?

Error message when impersonation is turned on
[Win32Exception (0x80004005): Access is denied]

[InvalidOperationException: Cannot open Service Control Manager on computer
'serverxxxx'. This operation might require other privileges.]

machineName, Int32 serviceControlManaqerAccess) +35775

System.ServiceProcess.ServiceController.GetDataBaseHandleWithEnumerateAccess(String machineName) +9
machineName, Int32 serviceType) +143
System.ServiceProcess.ServiceController.GetServices(String machineName) +9
AutonomyAdmin.test.test2() +400
AutonomyAdmin.test.Page_Load(Object sender, EventArgs e) +137
System.Web.Util.CalliHelper.EventArgFunctionCaller(IntPtr fp, Object o,
Object t, EventArgs e) +14
System.Web.Util.CalliEventHandlerDelegateProxy.Callback(Object sender,
EventArgs e) +35
System.Web.UI.Control.OnLoad(EventArgs e) +99
System.Web.UI.Control.LoadRecursive() +50
includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +627

Code used to query Windows Services
private void test1()
BoundColumn serviceName = new BoundColumn();
serviceName.DataField = "displayName";
serviceName.HeaderText = "Service Name";
serviceName.ItemStyle.CssClass = autnCssConstants.cssServerColumn;

//Initialise datagrid
DataGrid dGrid = new DataGrid();
dGrid.CssClass = autnCssConstants.cssDatabaseTable;
dGrid.EnableViewState = false;
dGrid.HeaderStyle.CssClass =
dGrid.AlternatingItemStyle.CssClass =
dGrid.AutoGenerateColumns = false;

//Add columns

//Bind data
dGrid.DataSource = ServiceController.GetServices("serverxxxx");


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question