实现方式全以批处理文件实现,直接在进程内调用即可
1、注册服务
注册服务manage.bat内容如下
@echo off
setlocal
set ServiceExe=YouProcess.exe
set ServiceName=YouProcess
set BASE=%~dp0
:: 检查命令行参数
if "%~1"=="" (
echo Usage: manage_process.bat start|stop|install
exit /b 1
)
:: 启动服务
if /i "%~1"=="start" (
echo 启动服务...
NET START %ServiceName%
exit
)
:: 停止服务
if /i "%~1"=="stop" (
echo 停止服务...
NET STOP %ServiceName%
exit
)
:: 安装服务
if /i "%~1"=="install" (
echo 安装服务...
start %BASE%%ServiceExe% "-install"
echo 安装成功
exit
)
echo Invalid argument: %~1
echo Usage: manage.bat start|stop|install
exit /b 1
安装指令:
manage.bat install
启动指令
manage.bat start
在项目过程中,如果你想实现卸载等操作直接在批处理文件内新增就行。
2、修改服务的登录账户
sc config YouProcess obj= ".\username" password= "yourpasd"
3、修改策略文件,将账户添加到服务登录权限组内
@echo off
setlocal enabledelayedexpansion
:: 定义临时文件路径和数据库文件路径
set "policyFilePath=C:\secpol.cfg"
set "tempPolicyFile=%policyFilePath%.tmp"
set "databaseFile=C:\Windows\security\database\seccontent.sdb"
:: 默认数据库路径
:: 导出当前的安全策略
echo Exporting current security policy...
secedit /export /cfg "%policyFilePath%" || (
echo Failed to export security policy.
exit /b 1
)
:: 检查是否已存在目标配置
set "policyFound="
for /f "tokens=* delims=" %%a in ('type "%policyFilePath%" ^| findstr /i "SeServiceLogonRight"') do (
set "policyFound=1"
)
:: 修改策略文件
(
for /f "tokens=* delims=" %%a in ('type "%policyFilePath%"') do (
set "line=%%a"
if "!line:SeServiceLogonRight=!" neq "!line!" (
echo SeServiceLogonRight = username,*S-1-5-80-0
) else (
echo %%a
)
)
if not defined policyFound (
echo SeServiceLogonRight = username,*S-1-5-80-0
)
) > "%tempPolicyFile%"
:: 替换原始文件
move /y "%tempPolicyFile%" "%policyFilePath%" >nul || (
echo Failed to replace policy file.
del "%tempPolicyFile%" >nul 2>&1
exit /b 1
)
:: 导入修改后的安全策略(明确指定数据库文件)
echo Importing modified security policy...
secedit /configure /db %databaseFile% /cfg "%policyFilePath%" /areas USER_RIGHTS /overwrite /quiet || (
:: secedit /import /db "%databaseFile%" /cfg "%policyFilePath%" /areas USER_RIGHTS /overwrite || (
echo Failed to import security policy. Check the log file: %windir%\security\logs\scesrv.log
exit /b 1
)
:: 重启依赖服务(替代直接重启Winlogon)
echo Restarting dependent services...
net stop "User Manager" /y >nul 2>&1
net stop "Credential Manager" /y >nul 2>&1
net start "User Manager" >nul 2>&1
net start "Credential Manager" >nul 2>&1
:: 提示重启系统(可选)
:: echo.
:: echo Note: A system restart may be required for changes to take effect fully.
:: echo Do you want to restart now? (Y/N)
:: set /p choice=
:: if /i "!choice!"=="Y" (
:: shutdown /r /t 0
:: )
:: 清理临时文件(注释掉,按需启用)
:: echo Cleaning up...
:: del "%policyFilePath%" >nul 2>&1
:: del "%tempPolicyFile%" >nul 2>&1
echo Operation completed successfully.
你需要修改标红的用户名称即可
