I was wondering what privileges I needed to let a user start a service on our server.

The situation is as follows, some people on our website can start a certain service on the server (Windows 2008 and IIS7). The way that worked so far with me was specifying the application pool I created with my user account (the impersonate method from msdn doens’t work for some reason). Now however I want to change that user account to a user account who only has the priviliges to start and stop a service (and everything that is needed to get him to do that).

The website is written in ASP.NET and C#. I use the ServiceController to start and stop my services.

Which privileges should I assign to that user?

EDIT: I just want to clear some things up here. I managed to get this thing working through the Application pool (although it doesn’t work through debugger). But it only works with a user that is part of the Administrators group which isn’t what I want. I want to specify a special user that will only be able to start and stop the service through the website. So what privileges do I need? Please be specific.

EDIT 2: I found out why my service wouldn’t start in the debugger. I didn’t run Visual Studio with administrator rights. I feel so stupid right now.. Anyway the question still stands as I still need my special user with the correct permissions.

Any comment will be appreciated!
Kind regards,
Floris Devriendt