I have a console application that I would like to run as 'NT AUTHORITY\NetworkService', but I can't remember how to do so - the only reason is that I will be hosting my service in a Windows service, but for Kerberos authentication testing I want to use the (Service Principal Name) SPN that is already at the domain (it does have delegation enabled).
In short, I can simply convert it from a console application to a Windows service, but I was hoping to keep from that.
How can I do this?
I don't know how accurate it is, but it is suggested that this might not be possible - see here.
It might be simplest to port it into a service... for debugging purposes, it is fairly easy to write code that can work either as a service or as a console exe (making it easy to debug, albeit in the wrong identity). I do this all the time...
Here's an example of this; search in the code for the switches:
case "-c":
case "-console":
i.e. with "-c", it runs the code directly, rather than starting the service infrastructure. The code also shows how to have the exe act as a self-installer, which can be very handy.