none
CreateProcessAsUser returns Error 183. Why?

    Question

  • We've been using a piece of code for quite a while now.  Up until recently, it was working fine.  Now the spawned processes refuse to work, returning error 183 (ERROR_ALREADY_EXISTS).  I've been combing the web looking for answers, but I either find an abandoned thread (like the one on this forum) or answers/solutions that I've tried but nothing seems to work.

    Here's our code that spawns a process:

    bool SpawnImpersonatedProcess( const CString& appName, const CString& cmdLine )
    {
    bool ret = false;

    CString csMsg = "";
    csMsg.Format("Attempting to spawn command line to application [\"%s\"]: %s", m_srvadminpath, cmdLine);
    LogAction(csMsg);
    if (!VerifyToken(m_hUserToken) || !VerifyToken(m_hProcessToken))
    {
    csMsg.Format("Invalid Impersonation tokens (User: 0x%0x) (Process: 0x%0x)", m_hUserToken, m_hProcessToken);
    LogAction(csMsg);
    return false;
    }
    else
    {
    csMsg.Format("Have tokens: User(0x%0x) Process(0x%0x)", m_hUserToken, m_hProcessToken);
    LogAction(csMsg);
    }

    DWORD dwCreationFlags = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE | /*CREATE_UNICODE_ENVIRONMENT | CREATE_DEFAULT_ERROR_MODE |*/ CREATE_SUSPENDED;

    STARTUPINFO si;
    ZeroMemory(&si, sizeof(STARTUPINFO));
    si.cb = sizeof(STARTUPINFO);
    si.lpDesktop = _T("winsta0\\default");

    PROCESS_INFORMATION pi; //Structure to receive information about the process.
    ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));

    CString csApp = "";
    csApp.Format("\"%s\"", m_srvadminpath);

    CString csModCmdLine = "";
    csModCmdLine.Format("%s %s", csApp, cmdLine); //Combine app and command line to one command for now.
    LogAction(csModCmdLine);

    USES_CONVERSION;
    LPCSTR szApp = CT2CA(csApp);
    LPSTR szCmdLine = csModCmdLine.GetBuffer();
    LPCWSTR szUsername = CT2CW(m_csUsername);
    LPCWSTR szDomain = CT2CW(m_csDomain);
    LPCWSTR szPassword = CT2CW(m_csPassword);
    LPCSTR szCurrDirectory = CT2CA(m_srvadmindirectory);

    if (CreateProcessAsUser(m_hProcessToken, NULL, szCmdLine, NULL, NULL, FALSE, dwCreationFlags, NULL, szCurrDirectory, &si, &pi)) {
    //if (CreateProcessWithLogonW(szUsername, szDomain, szPassword, LOGON_WITH_PROFILE, szApp, szCmdLine, dwCreationFlags, NULL, NULL, &si, &pi)) {
    //Process is now running.
    LogAction("Resuming main thread.");
    ResumeThread(pi.hThread);
    LogAction("Process has started.");
    csMsg.Format("Process ID is %d [0x0%x]", pi.dwProcessId, pi.dwProcessId);
    LogAction(csMsg);
    int count = 0;
    DWORD dwStatus = 0;
    do
    {
    dwStatus = WaitForSingleObject(pi.hProcess, 10000);
    LogAction(".");
    } while ((dwStatus == WAIT_TIMEOUT) && (count < 6));

    if (dwStatus == WAIT_FAILED)
    {
    LogAction("WAIT FAILED for process.");
    LogAction(GetLastErrorMessage());
    }

    csApp.ReleaseBuffer();
    CloseHandle(pi.hProcess);
    CloseHandle(pi.hThread);
    ret = true;
    LogAction("Process has completed.");
    } else {
    ret = false;
    LogAction("Could not create the process.");
    CString csMsg = "";
    csMsg.Format("is this a handle?: 0x%0x | 0x%0x | 0x%0x", pi.hProcess, pi.dwProcessId, pi.hThread);
    LogAction(csMsg);
    csMsg.Format("app: %s\ncmdLine: %s\ncurrDirectory: %s", szApp, szCmdLine, szCurrDirectory);
    LogAction(csMsg);
    LogAction(GetLastErrorMessage());
    }
    return ret;
    }
    If I'm setting something up wrong here, then that's one thing.  But I don't get why it would tell me that the process already exists when it clearly does not.  I mean, I doubt there's some sort of gremlin on the other end pushing the button at the exact same time I'm pushing mine.
    Thursday, July 23, 2009 7:04 PM

Answers

  • Managed to solve this one.

    I changed my dwCreationFlags to omit the NORMAL_PRIORITY_CLASS and it began to work. 

    But it appears that it could have also been a user rights issue.  Specifically, we made sure that "Create a Token Object", and "Replace a Process Level Token" were allowed.  There may have been other permissions involved as well concerning logging on and impersonation after authentication.  If you run into this problem, I suggest you adjust one role at a time and proceed from there.

    Maybe error 183 is a generic "I failed" error for CPAU.
    • Marked as answer by Zinkyu1 Friday, July 24, 2009 5:59 PM
    Friday, July 24, 2009 5:59 PM