Which computer needs SeRemoteShutdownPrivilege to shut down a remote system?
Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?
windows-7 shutdown power-management privileges rpc
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
add a comment |
Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?
windows-7 shutdown power-management privileges rpc
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
1
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grantSeRemoteShutdownPrivilegeto itself, so it had be done viasecpol, right?
– c00000fd
Dec 14 '18 at 23:30
add a comment |
Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?
windows-7 shutdown power-management privileges rpc
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
Say, if I want to shut down a remote computer 2 from my computer 1 using a tool like shutdown.exe. I keep reading that this requires SeRemoteShutdownPrivilege. What I am not clear about is which computer needs it, local computer 1 or remote computer 2 that is being shut down?
windows-7 shutdown power-management privileges rpc
windows-7 shutdown power-management privileges rpc
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
asked Dec 14 '18 at 22:42
c00000fdc00000fd
1692616
1692616
1
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grantSeRemoteShutdownPrivilegeto itself, so it had be done viasecpol, right?
– c00000fd
Dec 14 '18 at 23:30
add a comment |
1
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grantSeRemoteShutdownPrivilegeto itself, so it had be done viasecpol, right?
– c00000fd
Dec 14 '18 at 23:30
1
1
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant
SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?– c00000fd
Dec 14 '18 at 23:30
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant
SeRemoteShutdownPrivilege to itself, so it had be done via secpol, right?– c00000fd
Dec 14 '18 at 23:30
add a comment |
2 Answers
2
active
oldest
votes
From your link : "User" Right: Force shutdown from a remote system."
So it would be the user that performs the privileged shutdown.
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
add a comment |
There is a better description of SeRemoteShutdownPrivilege in the Microsoft
article
Force shutdown from a remote system:
This security setting determines which users are allowed to shut down a device
from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
from a remote location.
The permission then needs to be granted on the computer that is to be shutdown
remotely. The account that is used is the local account that corresponds
to the remote account that will issue the shutdown request.
This is only logical, since otherwise any remote account that has this permission
will be able to shutdown any computer on the local network.
The situation is clearer in a domain, when the remote user is logged-in using
a domain account that will be recognized on the target computer.
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to giveSeRemoteShutdownPrivilegepermission to?
– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1383708%2fwhich-computer-needs-seremoteshutdownprivilege-to-shut-down-a-remote-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
2 Answers
2
active
oldest
votes
2 Answers
2
active
oldest
votes
active
oldest
votes
active
oldest
votes
From your link : "User" Right: Force shutdown from a remote system."
So it would be the user that performs the privileged shutdown.
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
add a comment |
From your link : "User" Right: Force shutdown from a remote system."
So it would be the user that performs the privileged shutdown.
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
add a comment |
From your link : "User" Right: Force shutdown from a remote system."
So it would be the user that performs the privileged shutdown.
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
From your link : "User" Right: Force shutdown from a remote system."
So it would be the user that performs the privileged shutdown.
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
answered Dec 14 '18 at 23:03
MoabMoab
51k1494160
51k1494160
add a comment |
add a comment |
There is a better description of SeRemoteShutdownPrivilege in the Microsoft
article
Force shutdown from a remote system:
This security setting determines which users are allowed to shut down a device
from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
from a remote location.
The permission then needs to be granted on the computer that is to be shutdown
remotely. The account that is used is the local account that corresponds
to the remote account that will issue the shutdown request.
This is only logical, since otherwise any remote account that has this permission
will be able to shutdown any computer on the local network.
The situation is clearer in a domain, when the remote user is logged-in using
a domain account that will be recognized on the target computer.
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to giveSeRemoteShutdownPrivilegepermission to?
– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
add a comment |
There is a better description of SeRemoteShutdownPrivilege in the Microsoft
article
Force shutdown from a remote system:
This security setting determines which users are allowed to shut down a device
from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
from a remote location.
The permission then needs to be granted on the computer that is to be shutdown
remotely. The account that is used is the local account that corresponds
to the remote account that will issue the shutdown request.
This is only logical, since otherwise any remote account that has this permission
will be able to shutdown any computer on the local network.
The situation is clearer in a domain, when the remote user is logged-in using
a domain account that will be recognized on the target computer.
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to giveSeRemoteShutdownPrivilegepermission to?
– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
add a comment |
There is a better description of SeRemoteShutdownPrivilege in the Microsoft
article
Force shutdown from a remote system:
This security setting determines which users are allowed to shut down a device
from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
from a remote location.
The permission then needs to be granted on the computer that is to be shutdown
remotely. The account that is used is the local account that corresponds
to the remote account that will issue the shutdown request.
This is only logical, since otherwise any remote account that has this permission
will be able to shutdown any computer on the local network.
The situation is clearer in a domain, when the remote user is logged-in using
a domain account that will be recognized on the target computer.
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
There is a better description of SeRemoteShutdownPrivilege in the Microsoft
article
Force shutdown from a remote system:
This security setting determines which users are allowed to shut down a device
from a remote location on the network. This allows members of the Administrators group or specific users to manage computers (for tasks such as a restart)
from a remote location.
The permission then needs to be granted on the computer that is to be shutdown
remotely. The account that is used is the local account that corresponds
to the remote account that will issue the shutdown request.
This is only logical, since otherwise any remote account that has this permission
will be able to shutdown any computer on the local network.
The situation is clearer in a domain, when the remote user is logged-in using
a domain account that will be recognized on the target computer.
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
answered Dec 15 '18 at 19:25
harrymcharrymc
255k14265566
255k14265566
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to giveSeRemoteShutdownPrivilegepermission to?
– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
add a comment |
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to giveSeRemoteShutdownPrivilegepermission to?
– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give
SeRemoteShutdownPrivilege permission to?– c00000fd
Dec 15 '18 at 20:20
Well, you see my confusion. You are pretty much contradicting all other answers posted above. So now, which one is it? I kinda followed your logic originally, and it does make sense in case of the domain accounts being used here. But what is confusing is when you have mere workstations involved. If it's the computer that is being shutdown, two questions arise: 1) how would that remote account be known on the other workstation when shutdown is issued to verify this permission? and 2) What process on the remote system that is shutdown do I need to give
SeRemoteShutdownPrivilege permission to?– c00000fd
Dec 15 '18 at 20:20
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
I wrote this answer because the others seemed incorrect. 1) The remote account is known by its network credentials or by the identity it assumes on the target computer, 2) This is a property of the effective local/domain account on the target computer under which executes the process. The remote process presents credentials to the target which identify an account, local to the target or domain, that must have this permission.
– harrymc
Dec 15 '18 at 21:03
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1383708%2fwhich-computer-needs-seremoteshutdownprivilege-to-shut-down-a-remote-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
1
The user who performed the action
– Ramhound
Dec 14 '18 at 22:51
@Ramhound: Thanks. I guess a process performing a remote shutdown cannot grant
SeRemoteShutdownPrivilegeto itself, so it had be done viasecpol, right?– c00000fd
Dec 14 '18 at 23:30