Background:  I'm a programmer working behind a very restrictive firewall 
(over which I have no control).  Our team is small with many tasks (like 
many other teams...) so we attempt to automate and remotely manage the 
system as much as possible.  In this case, we would like to be able to 
restart a given server from an interface running over HTTPS (one of two 
ports we have open in the firewall) so the process can be started from the 
Internet.  I wrote a couple of small apps that use the WinAPI functions 
InitiateSystemShutdown, LogonUser, ImpersonateLoggedOnUser, etc. and they 
work great on the network, but once the classes are instanced in ASP, they 
fail.  The environment is all WinNT 4.0 and current in updates.

Problem:  I believe the problem is related to privileges, but I haven't 
been able to isolate the precise problem.  When initiated from an ASP 
page, the component fails on the InitiateSystemShutdown WinAPI call.  I 
hoped that installing the component in MTS (and running it under an 
appropriate user's credentials) would solve the problem, but that didn't 
work.  NT authentication on the web site/app didn't work.  I even put the 
I_USR and I_WAM user accounts in the Administrators group to test, but 
that failed too.  I tested the app inside and out of the IIS process.  
Giving up on the user's privileges, I persued another suggestion - 
granting privileges to the process using several other WinAPI's 
(OpenProcessToken, AdjustTokenPrivileges, etc.), but was still only able 
to restart while on the LAN, not from the web (and I was rapidly exceeding 
my knowlege level...).

Anyone have some tips for executing these types of commands (that require 
specific user rights and privileges on the underlying network) from a web 
app?

John E. Fay 
Senior Systems Consultant
Global Management Systems Inc.