Cannot End Service Processes with Task Manager


You may receive the following warning message when you try to end a process with Task Manager:
The operation could not be completed. Access is denied.


Stopping a process is done with a call to TerminateProcess (Win32 API). By default, it is not possible to kill a process that is running under a security context different than the one of the process who issued the call to TerminateProcess.


To work around this problem, use the KILL command line utility (available with the Windows Resource Kit) to stop processes that do not run under the security context of the logged on user.

More Information

It is possible to end any process even though it is a service or a system process by previously enabling the debug privilege. This privilege is assigned to Administrators and is disabled in the access token. While Task Manager does not make use of the debug privilege, the KILL utility does.

You may assign this privilege to users other than Administrators with User Manager. To assign this privilege do the following:
  1. On the Policies menu, click User Rights.
  2. Select Show Advanced User Rights.
  3. In the Right box, click Debug Programs, and then click Add to add users.
In Windows 2000 the process is slightly different. You may assign the debug privilege to non-Administrator users use the following steps:
  1. Open the Group Policy snap-in, choose the Local Policy in this case and User Rights Assignment.
  2. In the right pane, double-click Debug Programs.
  3. Click the Add to add other users.
  4. Click OK.
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

221930 Domain Security Policy in Windows 2000
227302 Using SECEDIT to Force a Group Policy Refresh Immediately

Id. de artículo: 155075 - Última revisión: 02/26/2007 - Revisión: 1