I have a windows service with StartType = stSystem.
It executes an application with the CreateProcessWithLogonW.
usr := 'myuser';
dmn := 'mydomain';
pwd := 'thepassword';
cmd := 'c:\myapp.exe -calculate';
wdir := 'c:\';
fillchar(si, sizeof(si), 0);
si.cb := sizeof(si);
if not CreateProcessWithLogon(
PWideChar(usr),
PWideCharOf(dmn),
PWideChar(pwd),
LOGON_WITH_PROFILE,
nil,
PWideChar(cmd),
NORMAL_PRIORITY_CLASS or CREATE_NEW_CONSOLE or CREATE_NEW_PROCESS_GROUP,
nil,
PWideChar(wdir),
si,
pi
)
then
RaiseLastOSError; // raises Code 5: Access Denied
Running this code outside the service, everything goes fine!
Why the CreateProcessWithLogon raises a system error Code 5: Access Denied ?
Can be this the cause?
MSDN article on CreateProcessWithLogonW says:
Windows XP with SP2 and Windows Server 2003: You cannot call CreateProcessWithLogonW from a process that is running under the LocalSystem account, because the function uses the logon SID in the caller token, and the token for the LocalSystem account does not contain this SID. As an alternative, use the CreateProcessAsUser and LogonUser functions.
I’m using Windows 7 PRO x64
You are running the service under the LocalSystem account, and as the documentation clearly says:
So either change the user account that the service runs under, or switch to
CreateProcessAsUser(), like the documentation says.