I've got an MSI installer for installing my UpLib server. I use the following bit of code in a custom action to grant the user the right to "log on as a service", so that the service can run under their user-id:
import win32api, win32security username = win32api.GetUserNameEx(win32api.NameSamCompatible) domain, username = username.split("\\") policy_handle = win32security.LsaOpenPolicy(domain, win32security.POLICY_ALL_ACCESS) sid_obj, domain, tmp = win32security.LookupAccountName(domain, username) win32security.LsaAddAccountRights( policy_handle, sid_obj, ('SeServiceLogonRight',) ) win32security.LsaClose( policy_handle ) This seems to work fine if the user is running the installer from a local machine account, but fails if they are running under their domain network account: Traceback (most recent call last): File "c:\docume~1\foobar\locals~1\temp\tmpgmqdnh\win32\install-script.py", line 410, in <module> policy_handle = win32security.LsaOpenPolicy(domain, win32security.POLICY_ALL_ACCESS) pywintypes.error: (1722, 'LsaOpenPolicy', 'The RPC server is unavailable.') I've tried this on a couple of machines, and it's the same on each. Now, if that user opens up admin tools, then local security, then user rights, he can give himself this right. So it's not a privilege problem; I'm just not doing it right in Python. So, how should I be doing it? Bill _______________________________________________ python-win32 mailing list python-win32@python.org http://mail.python.org/mailman/listinfo/python-win32