¿Cómo debo instalar / ejecutar mi servicio?

I'm having the following situation: I'm building an application that requires a service. The service is sometimes creating files and folders, for the user (it actually receives the files, which it then writes on disk).

My problems are the following ones:

  1. If a "Standard User" (ie non-admin) uses the application (which includes the service), the files that the service creates cannot be even read by this user, because he has no privileges, as it seems ("access is denied"). But the same files can afterwards be seen by the admin users.

  2. If the service is creating for the Administrator user a folder on the desktop (I haven't tried with a destination like C:), then then the admin user cannot even see the folder, because of the privileges (the folder does not appear, but it gets nonetheless into the list if I use the "dir" command in cmd; while if I stop the service, the folder automatically gets deleted - I have no idea why). However, I have tried to make the service create a folder in a folder on the desktop (folder that had been already been created by myself before), and it worked correctly.

So I understand that the problem with the service has something to do with how it is installed/ran as. Currently, it is on "LocalSystem" (I have tried to install it using the cmd with the sc.exe command with "LocalService" but it does not recognize the "LocalService").

So, is there a way I can make my service create files and folders for users to read/write them as they wish?

If yes, then PLEASE TELL ME how to do it.

P.S. So far I have used a .bat file to call the sc.exe for installing and starting the service. Is it ok?

preguntado el 09 de noviembre de 11 a las 15:11

I think you'll just have to set the security descriptor directly on the files/folders. -

1 Respuestas

Yes, it seems that is the answer: the security descriptors must be set explicitly. One of the cause it seems it is that the files are actually being created in the C:\Windows\Temp directory, and afterwards are moved to the expected destination path. However, the folders that are being created (directly on the chosen path, e.g. C:\Users\Admin\Desktop\MyFolder) are invisible. So the only solution appears to be to set the security descriptors explicitly.

Respondido el 06 de enero de 12 a las 19:01

No es la respuesta que estás buscando? Examinar otras preguntas etiquetadas or haz tu propia pregunta.