如何使用 wmi 在不属于管理员组的情况下终止远程进程?
[英]How do I kill a remote process without being on the administrator group using wmi?
问题描述
What is the least level of privilege required for remotely killing a process on a Windows machine using wmi from c#?
使用来自 c# 的 wmi 远程杀死 Windows 机器上的进程所需的最低权限级别是多少?
Currently, I am using an account in the administrators group on the target machine to kill the processes and stop/start windows services but this is causing issues because being in the administrator group also allows users to log on to the target machine via Remote Desktop and I don't want that.目前,我正在使用目标机器上管理员组中的帐户来终止进程并停止/启动 windows 服务,但这会导致问题,因为在管理员组中还允许用户通过远程桌面登录到目标机器和我不想要那个。 What are my options here?我在这里有什么选择?
Can you have a windows group with all the administrator privileges without the Remote Desktop privilege?您能否拥有一个具有所有管理员权限但没有远程桌面权限的 windows 组?
1 个解决方案
解决方案1
0 已采纳 2011-08-15 18:29:35
To the first part of your question: to kill a process (whether locally or remotely) you need to either be the owner of the process (ie the account that originally executed it) or an administrator or SYSTEM.对于您问题的第一部分:要终止进程(无论是本地还是远程),您需要成为该进程的所有者(即最初执行它的帐户)或管理员或系统。
As for the last question regarding Remote Desktop privileges, this is controlled by Group Policy and/or Local Security Policy.至于关于远程桌面权限的最后一个问题,这是由组策略和/或本地安全策略控制的。 Look under Computer Configuration\Security Settings\Local Policy\User Rights Assignment for "Allow log on through Remote Desktop Services" , which by default contains the local Administrators and Remote Desktop Users groups.在计算机配置\安全设置\本地策略\用户权限分配下查找“允许通过远程桌面服务登录” ,默认情况下包含本地管理员和远程桌面用户组。 (There's also a "Deny log on through Remote Desktop Services" options as well.) (还有一个“拒绝通过远程桌面服务登录”选项。)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.