How do I kill a remote process without being on the administrator group using wmi?
What is the least level of privilege required for remotely killing a process on a Windows machine using wmi from c#?
Currently, I am using an account in the administrators group on the target machine to kill the processes and stop/start windows services but this is causing issues because being in the administrator group also allows users to log on to the target machine via Remote Desktop and I don't want that. What are my options here?
Can you have a windows group with all the administrator privileges wit开发者_如何学JAVAhout the Remote Desktop privilege?
To the first part of your question: to kill a process (whether locally or remotely) you need to either be the owner of the process (i.e. the account that originally executed it) or an administrator or SYSTEM.
As for the last question regarding Remote Desktop privileges, this is controlled by Group Policy and/or Local Security Policy. Look under Computer Configuration\Security Settings\Local Policy\User Rights Assignment for "Allow log on through Remote Desktop Services", which by default contains the local Administrators and Remote Desktop Users groups. (There's also a "Deny log on through Remote Desktop Services" options as well.)
精彩评论