I have an ASP.NET website that runs under LocalSystem. I am trying to reboot current machine by starting a new shutdown.exe process from a request thread like this:
var psi = new ProcessStartInfo
{
FileName = "shutdown.exe",
Arguments = "-r -f",
UseShellExecute = false,
CreateNoWindow = true
};
Process.Start(psi);
This fails with Access Denied error. I thought it was about missing privileges - but enabling it via C# code or PowerShell didn't help (based on answers found here). I also tried adding SYSTEM to the list of users/groups who have the permission to shutdown the system (based on this).
So I tried running above code including UserName and Password to the ProcessStartInfo (a regular Adminsitrator account). I also made some checks to ensure that the process is actually executed under that user (not LocalSystem) - and it is. Reboot still doesn't work. Same happens when I try doing this with powershell.exe (and then cmdlet Restart-Computer) or with cmd.exe and /c shutdown as arguments. I tried this on 2 machines (one EC2 instance, one private server with fresh Windows Server 2016).
Now the most confusing part: as soon as I change my website app pool account to a regular Administrator user account instead of LocalSystem it starts to work. How is this possible? Is the parent-child process relation a problem? Is there any premission/privilege that I am missing when parent process is running as LocalSystem?
