This application (CMDAsUser) allows you to run installations or applications as the SYSTEM account and see an interactive desktop. This can be useful in testing applications that are deployed through a product such as ITCM or SCCM using the SYSTEM account.
I found that the following privileges were required even if the calling account has Administrative rights: -
"Act as part of the operating system" (SeTcbPrivilege),
"Bypass traverse checking" (SeChangeNotifyPrivilege),
"Increase quotas" (SeIncreaseQuotaPrivilege),
"Replace a process level token" (SeAssignPrimaryTokenPrivilege).
This is the recommendation on the Internet, however personally I added "Act as part of the operating system" and "Replace a proecss level token" and it works.
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment