CreateProcessAsUser doesn't work correctly in my experiments

I am trying to do the following:

1. I have logged in as an administrator account on my SP2 machine running VS.NET 2005.
2. This machine also has another account, user1, which is a guest account.
3. I run the program as Administrator; from this program, I want to start the notepad.exe process, which will run under the security context of user1.
4. I specifically want to use CreateProcessAsUser for this.

This is the code that will explain what I was trying.

const string GRANTED_ALL = "10000000";

const int LOGON32_LOGON_INTERACTIVE = 2;
const int LOGON32_LOGON_NETWORK = 3;
const int LOGON32_LOGON_BATCH = 4;
const int LOGON32_LOGON_SERVICE = 5;
const int LOGON32_LOGON_UNLOCK = 7;
const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
const int LOGON32_LOGON_NEW_CREDENTIALS = 9;

const int LOGON32_PROVIDER_DEFAULT = 0;
static IntPtr hToken = IntPtr.Zero;
static IntPtr hTokenDuplicate = IntPtr.Zero;

static void Main(string[] args)
{
    int last_error = 0;
    if(LogonUser("user1",null,"#welcome123",
        LOGON32_LOGON_INTERACTIVE, 
        LOGON32_PROVIDER_DEFAULT, out hToken))
    {
        last_error = Marshal.GetLastWin32Error();
        PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
        STARTUPINFO si = new STARTUPINFO();
        SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
        last_error = 0;
        last_error = Marshal.GetLastWin32Error();
        if(DuplicateTokenEx(hToken,UInt32.Parse(GRANTED_ALL,System.Globalization.NumberStyles.HexNumber),
            ref sa,SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
            TOKEN_TYPE.TokenPrimary,out hTokenDuplicate))
        {
            last_error = 0;
            last_error = Marshal.GetLastWin32Error();

            CreateProcessAsUser(hTokenDuplicate, "d:\\san\\notepad.exe", null,
            ref sa, ref sa, false, 0, IntPtr.Zero, "d:\\san", ref si, out pi);

            last_error = 0;
            last_error = Marshal.GetLastWin32Error();

        }
    }

    last_error = 0;
    last_error = Marshal.GetLastWin32Error();


    if (hToken != IntPtr.Zero) CloseHandle(hToken);
    if (hTokenDuplicate != IntPtr.Zero) CloseHandle(hTokenDuplicate);

}

      

For some reason this doesn't work. The function DuplicateTokenEx returns error code 1305 and I cannot figure out why.

Instead of DuplicateTokenEx I also used DuplicateToken; now CreateProcessAsUser returns error code 1308.

Can someone try to shed some light on this problem? It seems to be a very simple thing, but I just can't get it right. [Please note that I specifically want LogonUser, and then DuplicateToken, and then CreateProcessAsUser.]

+1




1 answer


See CreateProcessAsUser() windows and desktops.

But I suggest doing it in a controlled way:



// ...
using System.Diagnostics;
using System.Security;
// ...
string progPath = @"c:\WINNT\notepad.exe";
ProcessStartInfo startInfo = new ProcessStartInfo(progPath);
startInfo.WindowStyle = ProcessWindowStyle.Normal;
startInfo.UseShellExecute = false;   // must be false when UserName/Password are set
startInfo.UserName = "SomeUser";
SecureString password = new SecureString();

#region setting password
password.AppendChar('p');
password.AppendChar('a');
// ...
#endregion

startInfo.Password = password;
Process.Start(startInfo);
// ...

      

-2

