Delete object owned by Network Service - Windows 2008 Server

Question

I've got an object that is owned by the Network Service that I want to delete. It is a Message Queue, a Private Queue. The queue's Properties | Security tab shows Network Services has full control, Everyon has just Get Properties, Get Permissions, and Send Message, And Anonymous Logon has Send Message.

I've got the Administrator login to the server, but the Administrator has no rights to this private queue (other than those alloted to 'Everyone').

How can I delete the queue? Or give the Administrator full rights? I've tried to do a RunAs when opening 'Computer Management', but it defaults to RunAs Administrator, and I haven't found a way to specify RunAs Network Service.

The only thing I can think of now is to write a Window service that finds and deletes the queue, and configure the service to run as Network Service.

Any better ideas?

Answer 1

Got it figured out, thanks to the help of a collegaue.

• While logged in as Administrator, create a new private queue and give it a unique name.
• Go to this directory: C:\Windows\System32\msmq\storage\lqs
• Edit the files with NOTEPAD.
• Look for the line in the file that has the name of the queue queue you just created.
• Copy the entire SECURITY line from that file to the clipboard
• Edit the file that you want to delete (match on QUEUENAME), and replace its SECURITY line with the line you copied in an earlier step.
• Save the changed file. Administrator now has full rights to that queue.
• Delete the queue