Run Dropbox as service with unprivileged user account on windows

This HowTo describes how to run a Dropbox http://www.getdropbox.com as non privileged user on Microsoft(R) Windows(R).

Prerequisites

Dropbox Account

In order to follow this HowTo you should already have a Dropbox account. It does not matter if you have a free account (~2GB of webspace) or a business account (up to 100GB of webspace). The techniques we use will be the same.

Computer

In order to fill the Dropbox we need a server running the Dropbox executable. This can be any supported platform that can run Dropbox and present the public folder of the Dropbox as file share. This HowTo uses a Windows File Server (Windows Server 2003) and the Dropbox utility for Windows.

Install the Dropbox executable as non administrative user

This documentation assumes that we have a Windows Server 2003.

Logon as local Administrator to the machine.

Create a local user dropboxer
net user dropboxer <password> /add

So we now have a local user:

Username: dropboxer
Password: <password>
Prepare the local dropbox folder

Create an empty directory that should hold the Dropbox, in this example “F:\My DropBox”

mkdir "F:\My Dropbox

and allow the user “dropboxer” Full Access

cacls "F:\My Dropbox" /E /R "CREATOR OWNER"
cacls "F:\My Dropbox" /E /T /G "dropboxer":F
Install the Dropbox binaries

Logon as user dropboxer to the machine or open a CMD.EXE as “dropboxer” with:

runas /profile /user:dropboxer cmd.exe
color 9f

This will create the user profile for the local user “dropboxer” under

C:\Documents and Settings\dropboxer

We now start the Dropbox Setup Utility

"C:\_SWSetup_\DropBox\Dropbox 0.6.557.exe"

You will see a window that asks for administrative credentials.
YOU MUST CLICK “CANCEL” HERE
DO NOT CHOOSE THE ADMINISTRATIVE ACCOUNT HERE

If you press cancel the following message will be presented:

Some features may be disabled if you install Dropbox without administrator rights. Continue?

We accept this with Yes .

The setup will start and we choose the following options

  • Install

If you see the window “Connection Errors” then choose “Connection options” and setup your connection preferences eg.:

Then we see the dropbox account setup

  • –> [x] I already have a Dropbox account
  • –> Next
Email       : <your email>
Password    : <your dropbox password>
Compuer Name: <your computer>

Now you will see:

Welcome to Dropbox, <yourname>!

We press Skip tour and finish

Now you can setup the folder location for your Dropbox, we select:

  • –> [x] I want to choose where to put my Dropbox folder
  • –> Change
  • –> Dropbox Folder Location: F:

Since we already created that folder we get the message:

"There is already a folder here called My Dropbox. Do you want to merge all the existing files in that folder into your Dropbox?"

We accept and finish:

  • –> OK
  • –> Finish

The Dropbox Tray Icon starts. KEEP IN MIND IT IS RUNNING AS USER “dropboxer”

Dropbox Settings

We right click on the Dropbox Tray Icon and select Preferences/GENERAL and setup/disable/enable the following:

[ ] Show system tray notifications              --> NOT SELECTED
[ ] Start Dropbox on system startup             --> NOT SELECTED
  • –> APPlY
  • –> OK

Make sure you disable both options!

Stop the Dropbox Tray Icon now by right clicking on it and selecting Exit. Since we changed the settings not to start the Dropbox automatically at user logon, the Dropbox tray icon should never automatically appear again.

Setup the Dropbox binary as a service

To create a service for the Dropbox binary, we need two utilities from Microsoft.

srvany.exe
instsrv.exe

We copy them to the local installation folder of our Dropbox:

mkdir "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin"
copy "C:\_SWSetup_\DropBox\srvany\srvany.exe" "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin"
copy "C:\_SWSetup_\DropBox\srvany\instsrv.exe" "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin"

Now we setup the service

cd /d "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin"
instsrv.exe DropBox "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin\srvany.exe"

This might be also possible using the command sc on newer windows versions!

The commands should result in

The service was successfuly added!

Make sure that you go into the Control Panel and use
the Services applet to change the Account Name and
Password that this newly installed service will use
for its Security Context.

The service is now created in the registry and needs some fine tuning

Open regedit.exe and the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DropBox
  • Create a new key Parameters
  • Select Parameters –> Right Click –> String Value –> “Application”
  • Double click Appliation and change its value to:
C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin\Dropbox.exe

The key we created will result in:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DropBox\Parameters]
"Application"="C:\\Documents and Settings\\dropboxer\\Application Data\\Dropbox\\bin\\Dropbox.exe"

You can also enter a description for the service in the following key:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\DropBox]
"Description"="Runs a DropBox as a single user."

Now we open services.msc and configure the Dropbox service

  • General –> Startup type: “Automatic”
  • Log On –> This account –> .\dropboxer
  • Password : <yourpassword>
  • Confirm Pwd: <yourpassword>
  • –> apply

This should result in the message:

"The account .\dropboxer has been granted the Log On As A Service right."

We accept this with OK.

On the recovery tab of the service we enter the following options:

  • –> First failure : Restart the Service
  • –> Second failure : Restart the Service
  • –> Subsequent failures : Take No Action
  • –> Reset fail count after 1 days
  • –> Restart service after 1 minutes
  • –> Apply –> OK

Now we can start the service. It should start without any problems! Use the taskmanager to find an instance of dropbox.exe running as dropboxer to verify the successfull start.

more fine tuning

Since I don't want that someone will ever start the Dropbox manually, I deleted all Shortcuts, Icons whatever that appeared in the startmenu or desktop to execute the dropbox executable. This server has only 2 accounts (Administrator for administrative tasks) and the dropbox user. So I had to make sure, that no Administrator accidentely starts the dropbox a second time. - I created a shortcut on the all users desktop (with the nice dropbox icon) that points to this batch-file I created:

@echo off
CLS
for /F "USEBACKQ" %%a IN (`tasklist /NH /FI "IMAGENAME eq dropbox.exe"`) DO (
 IF /I "%%a"=="Dropbox.exe" (
  color 4E
  ECHO You have to stop the DropBox Service before you are able to start
  ECHO the DropBox Tray Icon for administrative tasks
  ECHO.
  ECHO Make sure you restart the service afterwards!
  ECHO.
  ECHO If you have any questions ask the administrator!
  ECHO.
  PAUSE
  EXIT) ELSE (
  "C:\WINDOWS\system32\runas.exe" /profile /savecred /user:dropboxer "C:\Documents and Settings\dropboxer\Application Data\Dropbox\bin\Dropbox.exe"
  )
)

Run it once as administrator to save the credentials. Now if you need to start Dropbox (for administrative tasks) and click on the Shortcut on the desktop you get an error message, when dropbox is running as a service in the background. If you stopped the service the shortcut starts the dropbox icon and you can do your administrative tasks.

I think this solution is also a good starting point if you want to run multiple dropboxes on one system. And of course you can create multiple accounts and multiple services for multiple dropboxes with this documentation.

public/windows/dropbox.txt · Last modified: 2015/08/11 08:20 (external edit)
CC Attribution-Share Alike 3.0 Unported
Driven by DokuWiki Recent changes RSS feed Valid CSS Valid XHTML 1.0