Requirement: Remoting service needs to run local BAT files on Windows 2003 Server
Hi,
I seem to be hitting walls here and any help/suggestions would be appreciated. I have a Remoting service that has been provided to me that executes local processes on the device where the service is installed. The facts around the service are:
- Written in C#
- Utilises the Process.Run method in the .Net Framework
- Utilises impersonation
This service has been assigned an account that can execute any command with the exception of BAT, CMD, VBS (and probably other scripting and Shell extensions). When the user is added to the 'Power Users' group it then execute the restricted extensions. The issue with this is that security compliance prevents us from allowing the account from having this level of access.
I have done the following
- Added the System Rights to the account as per 'Power Users'
- Ensured no Software Restriction Policies are applied to the account
- Loosed up the ACL's around the executed script
All this has not delivered the results, still working through this but if anyone has any ideas on what else may prevent execution of BAT files by User accounts on Windows 2003 it would be great to hear about it.
Cheers
David
