Unsolved Windows URL ACL
-
I'm trying to run an (self-written) application which uses an HttpListener. Everything apart from a listener on 127.0.0.1 requires elevated privileges to launch.
I want my application to start without elevated privileges and tried to add a URL ACL:
netsh http add urlacl url=http://+:12345/ user=SOMEDOMAIN\SOMEUSER listen=yes
("+" is a wildcard in the netsh syntax.)
Windows happily accepts that command, but it does not seem to have any effect. What I tried:
- Different users: the one who invokes the process, NT Authority\Network Service, even Everyone.
- Computer restart does not help.
- Added listen=yes
My HttpListener is configured as http://*:12345/ ("*" is a wildcard for all IPs on that machine)
Any ideas?
-
Network modification rights can be granted aside from admin rights. Can you add network management group to that user? Name escapes means I am sitting at the table drinking coffee atm.
-
@JaredBusch said in Windows URL ACL:
Network modification rights can be granted aside from admin rights. Can you add network management group to that user? Name escapes means I am sitting at the table drinking coffee atm.
Will try, but would rather like to solve that problem. Also happens when you use WCF (Windows Communication Foundation, I think they both interact with http.sys, but I'm not 100% sure about this), so this isn't a once-in-a-decade problem.
-
What OS?
-
@Dashrender said in Windows URL ACL:
What OS?
Anything > Vista I guess
Currently testing on Win7 and Win10