permissions to reboot (both locally and remotely)

permissions to reboot (both locally and remotely): Posted by Blake on April 3rd, 2008; I have created a domain user and I want to grant it the rights to reboot a
server (this is NOT an admin, either local or domain).

I am looking for the minimum requirements for both a remote shutdown/reboot
as well as a local shutdown/reboot (such as a scheduled task).

I am using SHUTDOWN.EXE currently.

I have given the domain user both 'Force shutdown from a remote system' as
well as 'shut down the system' - but I get errors, most notably:

C:\Program Files\Windows Resource Kits\Tools>shutdown -r -m \\test_server
The operation completed successfully.
A required privilege is not held by the client.

During the local attempt, the scheduled task runs but nothing happens.

Thanks
Blake; Posted by Lanwench [MVP - Exchange] on April 3rd, 2008; Blake <blake@blake.com> wrote:
Wow, that's a heck of a crosspost!

Not sure if there are easier ways, but one no brainer method might be
Encrypted RunAs (shareware) from http://www.wingnutsoftware.com/ and a
script/shortcut that runs shutdown.exe with the parameters you wish. Then
you can set up the shortcut to use the domain account you wish, without the
end user seeing/accessing the password directly.; Posted by Anthony [MVP] on April 3rd, 2008; If you look in the Local Security Policy and copy the User Rights Assignment
for Backup Operators (except for the specific Backup and Restore rights if
you don't want them to be able to do that) that should do it,
Anthony,
http://www.airdesk.co.uk

"Blake" <blake@blake.com> wrote in message
news:eGiF1balIHA.5368@TK2MSFTNGP04.phx.gbl...; Posted by Blake on April 3rd, 2008; When the user attempts to run the shutdown command, I get event 578:

Win32 Registry/SystemShutdown module
blah blah
Privileges: seShutdownPrivilege

This user DOES have the 'user rights assignment' to shut down the system.
(as well as log on locally, as a batch job - most of the Backup Operators
rights)

Thoughts?

"Anthony [MVP]" <anthony@no-reply.com> wrote in message
news:uOZZMBblIHA.5660@TK2MSFTNGP02.phx.gbl...; Posted by Blake on April 3rd, 2008; the problem here lies when that password must be changed - I'm trying to
tighten security and create an ID that can reboot the servers and not much
else. The rights seem to exist in the security policies....

Blake

"Lanwench [MVP - Exchange]"
<lanwench@heybuddy.donotsendme.unsolicitedmailatya hoo.com> wrote in message
news:ORP0HwalIHA.464@TK2MSFTNGP02.phx.gbl...; Posted by Blake on April 3rd, 2008; I think it is a group policy issue - will update tomorrow

Blake
"Blake" <blake@blake.com> wrote in message
news:OgSZfOclIHA.5820@TK2MSFTNGP04.phx.gbl...; Posted by Blake on April 4th, 2008; I had a group policy overriding the one I was using to give the user
permissions to shut down the system.

all the user needs is 'shut down system' and 'log on as a batch job' for the
scheduled task to run.

Thanks
Blake

"Blake" <blake@blake.com> wrote in message
news:%23QKJyUclIHA.3876@TK2MSFTNGP06.phx.gbl...

Similar Posts

Remotely Manage Workstation NTFS Permissions (Microsoft Windows) by Michael K.
Report Server (RS) runs locally but not remotely (Windows CRM) by GregB
Unable to view event viewer logs remotely or locally on Win2k3 Ser (Windows Server) by Joe Rod
{OT - slightly} free website add ons (locally hosted preferred but remotely hosted OK) (Software & Applications) by *ProteanThread*
Set Print Permissions Remotely (Windows 2000) by Brett Blackbeard