Which computer needs SeRemoteShutdownPrivilege to shut down a remote system?












0















Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?










share|improve this question


















  • 1





    The user who performed the action

    – Ramhound
    Dec 14 '18 at 22:51











  • @Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

    – c00000fd
    Dec 14 '18 at 23:30
















0















Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?










share|improve this question


















  • 1





    The user who performed the action

    – Ramhound
    Dec 14 '18 at 22:51











  • @Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

    – c00000fd
    Dec 14 '18 at 23:30














0












0








0








Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?










share|improve this question














Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?







windows-7 shutdown power-management privileges rpc






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Dec 14 '18 at 22:42









c00000fdc00000fd

1692616




1692616








  • 1





    The user who performed the action

    – Ramhound
    Dec 14 '18 at 22:51











  • @Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

    – c00000fd
    Dec 14 '18 at 23:30














  • 1





    The user who performed the action

    – Ramhound
    Dec 14 '18 at 22:51











  • @Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

    – c00000fd
    Dec 14 '18 at 23:30








1




1





The user who performed the action

– Ramhound
Dec 14 '18 at 22:51





The user who performed the action

– Ramhound
Dec 14 '18 at 22:51













@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

– c00000fd
Dec 14 '18 at 23:30





@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?

– c00000fd
Dec 14 '18 at 23:30










2 Answers
2






active

oldest

votes


















1














From your link : "User" Right: Force shutdown from a remote system."



So it would be the user that performs the privileged shutdown.






share|improve this answer































    0














    There is a better description of SeRemoteShutdownPrivilege in the Microsoft
    article
    Force shutdown from a remote system:




    This security setting determines which users are allowed to shut down a device
    from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
    from a remote location.




    The permission then needs to be granted on the computer that is to be shutdown
    remotely. The account that is used is the local account that corresponds
    to the remote account that will issue the shutdown request.



    This is only logical, since otherwise any remote account that has this permission
    will be able to shutdown any computer on the local network.



    The situation is clearer in a domain, when the remote user is logged-in using
    a domain account that will be recognized on the target computer.






    share|improve this answer
























    • Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

      – c00000fd
      Dec 15 '18 at 20:20











    • I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

      – harrymc
      Dec 15 '18 at 21:03











    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1383708%2fwhich-computer-needs-seremoteshutdownprivilege-to-shut-down-a-remote-system%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    From your link : "User" Right: Force shutdown from a remote system."



    So it would be the user that performs the privileged shutdown.






    share|improve this answer




























      1














      From your link : "User" Right: Force shutdown from a remote system."



      So it would be the user that performs the privileged shutdown.






      share|improve this answer


























        1












        1








        1







        From your link : "User" Right: Force shutdown from a remote system."



        So it would be the user that performs the privileged shutdown.






        share|improve this answer













        From your link : "User" Right: Force shutdown from a remote system."



        So it would be the user that performs the privileged shutdown.







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered Dec 14 '18 at 23:03









        MoabMoab

        51k1494160




        51k1494160

























            0














            There is a better description of SeRemoteShutdownPrivilege in the Microsoft
            article
            Force shutdown from a remote system:




            This security setting determines which users are allowed to shut down a device
            from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
            from a remote location.




            The permission then needs to be granted on the computer that is to be shutdown
            remotely. The account that is used is the local account that corresponds
            to the remote account that will issue the shutdown request.



            This is only logical, since otherwise any remote account that has this permission
            will be able to shutdown any computer on the local network.



            The situation is clearer in a domain, when the remote user is logged-in using
            a domain account that will be recognized on the target computer.






            share|improve this answer
























            • Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

              – c00000fd
              Dec 15 '18 at 20:20











            • I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

              – harrymc
              Dec 15 '18 at 21:03
















            0














            There is a better description of SeRemoteShutdownPrivilege in the Microsoft
            article
            Force shutdown from a remote system:




            This security setting determines which users are allowed to shut down a device
            from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
            from a remote location.




            The permission then needs to be granted on the computer that is to be shutdown
            remotely. The account that is used is the local account that corresponds
            to the remote account that will issue the shutdown request.



            This is only logical, since otherwise any remote account that has this permission
            will be able to shutdown any computer on the local network.



            The situation is clearer in a domain, when the remote user is logged-in using
            a domain account that will be recognized on the target computer.






            share|improve this answer
























            • Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

              – c00000fd
              Dec 15 '18 at 20:20











            • I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

              – harrymc
              Dec 15 '18 at 21:03














            0












            0








            0







            There is a better description of SeRemoteShutdownPrivilege in the Microsoft
            article
            Force shutdown from a remote system:




            This security setting determines which users are allowed to shut down a device
            from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
            from a remote location.




            The permission then needs to be granted on the computer that is to be shutdown
            remotely. The account that is used is the local account that corresponds
            to the remote account that will issue the shutdown request.



            This is only logical, since otherwise any remote account that has this permission
            will be able to shutdown any computer on the local network.



            The situation is clearer in a domain, when the remote user is logged-in using
            a domain account that will be recognized on the target computer.






            share|improve this answer













            There is a better description of SeRemoteShutdownPrivilege in the Microsoft
            article
            Force shutdown from a remote system:




            This security setting determines which users are allowed to shut down a device
            from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
            from a remote location.




            The permission then needs to be granted on the computer that is to be shutdown
            remotely. The account that is used is the local account that corresponds
            to the remote account that will issue the shutdown request.



            This is only logical, since otherwise any remote account that has this permission
            will be able to shutdown any computer on the local network.



            The situation is clearer in a domain, when the remote user is logged-in using
            a domain account that will be recognized on the target computer.







            share|improve this answer












            share|improve this answer



            share|improve this answer










            answered Dec 15 '18 at 19:25









            harrymcharrymc

            255k14265566




            255k14265566













            • Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

              – c00000fd
              Dec 15 '18 at 20:20











            • I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

              – harrymc
              Dec 15 '18 at 21:03



















            • Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

              – c00000fd
              Dec 15 '18 at 20:20











            • I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

              – harrymc
              Dec 15 '18 at 21:03

















            Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

            – c00000fd
            Dec 15 '18 at 20:20





            Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give SeRemoteShutdownPrivilege permission to?

            – c00000fd
            Dec 15 '18 at 20:20













            I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

            – harrymc
            Dec 15 '18 at 21:03





            I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.

            – harrymc
            Dec 15 '18 at 21:03


















            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1383708%2fwhich-computer-needs-seremoteshutdownprivilege-to-shut-down-a-remote-system%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            Сан-Квентин

            8-я гвардейская общевойсковая армия

            Алькесар