In my environment I have the following machines on the same domain:

  • hostname1 (Windows 7 Enterprise)
  • hostname2 (Windows 7 Enterprise)
  • hostname3 (Windows Server 2012 R2 domain controller)

I have a service which runs as the Local System account on hostname1. The service in turn runs another process, which inherits the Local System privileges and attempts to access the shared folder `\\hostname2\ADMIN$`. Both hostname1 and hostname2 are on the same domain.

I can access the shared folder without credentials from hostname1 or hostname3 using Explorer, but when the spawned process attempts to use the function `WNetAddConnection2` to access the shared folder, error 1326 is returned (`ERROR_LOGON_FAILURE`, 0x52E). The same code works on another machine (`\\hostname3\ADMIN$`). The credentials passed to the `WNetAddConnection2` function are correct. The same code works if it's run by a local user as a normal process.

How can I configure hostname2 to accept connections from the Local System account?

Using the syntax `hostname2\username` suggested by Harry Johnston, I managed to get the `WNetAddConnection2` function to work (return 0).

However, when I call the function `OpenSCManager` like this:

```
OpenSCManager("hostname2", SERVICES_ACTIVE_DATABASE, SC_MANAGER_ENUMERATE_SERVICE);
```

I get error 5 (`ERROR_ACCESS_DENIED`, 0x5).

Bemipefe
  • Did you remember to specify the username as `DOMAIN\USERNAME` or `username@domain.com` in the call to WNetAddConnection2? – Harry Johnston Feb 14 '17 at 01:08
  • I tried putting the domain name without success. I tried putting `username@my.domain`, `my.domain\username`, `my\username` and all relative uppercase combinations of the domain name. Anyway, I don't know if adding the domain name is correct for a local user. – Bemipefe Feb 14 '17 at 11:17
  • If the username and password you're providing to WNetAddConnection2 belong to a domain account, the username should definitely include the domain name. If they belong to a local account on hostname2 you might need to specify `hostname2\username` instead. – Harry Johnston Feb 14 '17 at 20:25
  • Thanks Harry. A little improvement. – Bemipefe Feb 15 '17 at 10:48
  • A variant of UAC sometimes kicks in when you attempt to connect to a local account over the network, removing the account's administrative access. I'm not sure exactly what the rules are, but that might be why you're not able to connect to the service control manager. If so, the simplest resolution would be to use the computer's domain account instead, i.e., leave out the username and password in the call to WNetAddConnection2 (or leave out the call altogether) and add hostname1$ to the Administrators group on hostname2. – Harry Johnston Feb 15 '17 at 21:10

0 Answers
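An added example (not code from the question or the comments): a PowerShell script, run elevated on hostname2, for the computer-account approach described in the last comment. It reports whether remote UAC filtering of local accounts is in effect and checks whether `hostname1$` is in the local Administrators group. The domain name `EXAMPLE`, the English group name `Administrators` and the `$Apply` switch are assumptions.

```powershell
# Added example. Run elevated on hostname2. Host names come from the question.
$Domain     = 'EXAMPLE'           # assumption: NetBIOS name of the domain
$ClientHost = 'hostname1'         # machine whose LocalSystem service connects
$Account    = $ClientHost + '$'   # computer account LocalSystem uses on the network
$Apply      = $false              # assumption: set to $true to change membership

# 1. Remote UAC filtering: unless LocalAccountTokenFilterPolicy is 1, a local
#    administrator account that logs on over the network gets a filtered token,
#    which fits ERROR_ACCESS_DENIED from OpenSCManager with hostname2\username.
$key    = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
$policy = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).LocalAccountTokenFilterPolicy
if ($policy -eq 1) {
    'Remote UAC filtering of local accounts: disabled'
} else {
    'Remote UAC filtering of local accounts: enabled (default)'
}

# 2. Enumerate the local Administrators group through the ADSI WinNT provider,
#    which is available on the stock PowerShell of Windows 7.
$group   = [ADSI]"WinNT://$env:COMPUTERNAME/Administrators,group"
$members = @($group.psbase.Invoke('Members') | ForEach-Object {
    $_.GetType().InvokeMember('ADsPath', 'GetProperty', $null, $_, $null)
})
'Current members:'
$members

# 3. Check for the computer account and add it only when asked to.
$target = "WinNT://$Domain/$Account"
if ($members -contains $target) {
    "$Domain\$Account is already a member of Administrators."
} elseif ($Apply) {
    $group.Add($target)
    "Added $Domain\$Account to Administrators."
} else {
    "$Domain\$Account is not a member; set `$Apply = `$true to add it."
}
```

Every service on hostname1 that runs as LocalSystem or NetworkService authenticates to the network as `hostname1$`, so this membership gives all of them administrative rights on hostname2, not only the one service from the question.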