locked
CreateProcessAsUser failing in Vista.. RRS feed

  • Question

  • I am trying to do the following:
    1. I am logged in as Administrator account in my Vista with SP1 machine running VS.NET 2005
    2. This machine also has another account user1 which is a guest account
    3. I am running a program as Administrator, from this program i want to launch a notepad.exe process which will be running under the user1 security context
    4. I specifically want to use CreateProcessasUser to do this..

    This is the code snippet which will explain what i have been trying..


    Code Snippet

        const string GRANTED_ALL = "10000000";


        const int LOGON32_LOGON_INTERACTIVE = 2;
        const int LOGON32_LOGON_NETWORK = 3;
        const int LOGON32_LOGON_BATCH = 4;
        const int LOGON32_LOGON_SERVICE = 5;
        const int LOGON32_LOGON_UNLOCK = 7;
        const int LOGON32_LOGON_NETWORK_CLEARTEXT = 8;
        const int LOGON32_LOGON_NEW_CREDENTIALS = 9;

        const int LOGON32_PROVIDER_DEFAULT = 0;
        static IntPtr hToken = IntPtr.Zero;
        static IntPtr hTokenDuplicate = IntPtr.Zero;

        static void Main(string[] args)
        {
            int last_error = 0;
            if(LogonUser("user1",null,"#welcome123",
                LOGON32_LOGON_INTERACTIVE, 
                LOGON32_PROVIDER_DEFAULT, out hToken))
            {
                last_error = Marshal.GetLastWin32Error();
                PROCESS_INFORMATION pi = new PROCESS_INFORMATION();
                STARTUPINFO si = new STARTUPINFO();
                SECURITY_ATTRIBUTES sa = new SECURITY_ATTRIBUTES();
                last_error = 0;
                last_error = Marshal.GetLastWin32Error();
                if(DuplicateTokenEx(hToken,UInt32.Parse(GRANTED_ALL,System.Globalization.NumberStyles.HexNumber),
                    ref sa,SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation,
                    TOKEN_TYPE.TokenPrimary,out hTokenDuplicate))
                {
                    last_error = 0;
                    last_error = Marshal.GetLastWin32Error();

                    CreateProcessAsUser(hTokenDuplicate, "d:\\san\\notepad.exe", null,
                    ref sa, ref sa, false, 0, IntPtr.Zero, "d:\\san", ref si, out pi);

                    last_error = 0;
                    last_error = Marshal.GetLastWin32Error();

                }
            }

            last_error = 0;
            last_error = Marshal.GetLastWin32Error();


            if (hToken != IntPtr.Zero) CloseHandle(hToken);
            if (hTokenDuplicate != IntPtr.Zero) CloseHandle(hTokenDuplicate);
            
        }
    }


    For some reason this is not working..
    It is failing at the DuplicateTokenEx function.

    Instead of DuplicateTokenEx i also used the DuplicateToken, now it is failing in the CreateProcessAsUser.

    Could someone please throw light on this issue.. This appears to be an apparently very simple thing, but just cant get it right..
    [Please note that I specifically want to LogonUser and then DuplicateToken and then CreateProcessAsUSer]

    Thanks
    Santhosh
    Wednesday, November 26, 2008 7:53 PM

All replies

  • Error codes are always helpful... "Fails" is not very specific!

    I bet DupTokenEx doesn't like the empty SA structure, which you don't have to pass to DupToken.

    Same for the STARTUPINFO. At least the size probably needs to be added...

     

    But it doesn't matter. Even if both APIs succeeded, the resulting process would fail to start because it doesn't have enough access to the windowstation and desktop.

    That's why there's an API that bundles all these steps: CreateProcessWithLogonW.

     

    Regards

    Eric

    Friday, December 5, 2008 11:42 PM
  • Hi Santhosh,
    Did you ever get this code working?  And if so, would you post?

    TIA,
    Chris
    Tuesday, February 10, 2009 7:21 PM