ID: Q131144
The information in this article applies to:
- Microsoft Windows NT version 3.51
Some new security API calls were added to Win32 in Windows NT version 3.51. Two of these new calls, LogonUser() and CreateProcessAsUser(), require that the calling process have certain privileges. If the calling process is a service running in the Local System account, it will already have these privileges. Otherwise, the required privileges can be added to an account by using the "User Rights Policy" dialog box. Run the User Manager and choose User Rights from the Policies menu to see the dialog box.
NOTE: You must select the "Show Advanced User Rights" check box to see the privileges mentioned in this article.
The Win32 API reference documents the required privileges, but it gives their internal string names instead of the display names. The "User Rights Policy" dialog box displays the privileges using the display names.
The following table shows the display names associated with the internal string names:
Privilege Display Name
--------------------------------------------------------------------
SeTcbPrivilege Act as part of the operating system
SeAssignPrimaryTokenPrivilege Replace a process level token
SeIncreaseQuotaPrivilege Increase quotas
Keywords : kbnetwork kbAPI kbKernBase kbNTOS351 kbSDKPlatform kbSecurity kbGrpNet
Issue type : kbhowtoLast Reviewed: September 30, 1998