These days, I was working on a webservice that worked directly with http.sys.
This service was planned to wait for requests, and launch programs depending on the request.
Firstly, I planned to use the local system account, and launch the external programs as specific user. This program should be started from a network share, using UNC paths.
Unfortunately, that does not work, Process.Start cannot do that:
My next decision was to add a user for this purpose (to run the Windows service). Unfortunately, Process.Start ignores the essential settings for a Windows service
oInfo:UseShellExecute := false
oInfo:CreateNoWindow := true
oInfo:ErrorDialog := false
oInfo:WindowStyle := ProcessWindowStyle.Hidden
The page from MSDN (https://msdn.microsoft.com/library/0w4h05yb%28v=vs.100%29.aspx) states:
“If the UserName and Password properties of the StartInfo instance are set, the unmanaged CreateProcessWithLogonW function is called, which starts the process in a new window even if the CreateNoWindow property value is true or the WindowStyle property value is Hidden.”
At the moment I’m not changing the user from the service, but executing the external program under the service account.
I had also another small issue: since I was reading the password from an ini file, I thought the StartInfo:PasswordInClearText property was enough. On my development machine it worked, but crashed on the production server, an SBS 2011 (based on Windows Server 2008 R2) because with the .NET Framework 4 this property simply does not exists.
Another issue: if you plan to start a process as another user from a service: this user needs local logon rights (on a server OS this is a manual change)