I just searched a lot in the web but I could not found any help. I have a own windows service and now it should be possible to configure it from my main software.
I have no problems with installing, starting, stopping, changing and uninstalling it. I can also install the service with other user credentials.
But there's the problem. Before installing the service ("cmd" call sc create SERVICENAME [...]) I want to check if the user with the entered credentials can start services or not. So I need to check if he is entered at the local "Log On as a Service" security policy. I do not want to change the policy, I only want to check if he is allowed to do this.
Is it possible to do this check simply in C#?
It seems that the "Log On as a Service" is a login type of LOGON32_LOGON_SERVICE which you can get from Advapi32.dll. The first thing I found (that may be most helpful) is the LogonUser function that attempts to log on as the user, so it may be able to be used as a detection if logging on as LOGON32_LOGON_SERVICE for your user fails or succeeds.
Here is a full list of core server functions. Some listed look promising but may needs some trial-and-error such as AuditQuerySystemPolicy and such. Best of luck!