locked
CreateProcessAsUser RRS feed

  • Question

  • Hi Guys,


    I am trying to accomplish a windows service which creates a process using createprocessasuser.I went through the internet for 2 months but never got a working code in windows 2000.Can anybody give me a working solution that run an interactive process in console(winsta0/default).


    Thanks in advance...
    Monday, September 22, 2008 1:11 PM

Answers

  • fazalbhi said:

    OK about your links ,I already went through these .Dont you read fully the first link? That program creates a process in any other desktop not the user desktop and we can see only in taskmngr.The second one I am not a premium member of expertz exchange and cant see the solutions.Can you please provide me a working code.


    Oh, sorry then. Anyways, I just found something out : Google points to the full article. I clicked my link and went to the site and couldn't see the solution. So I copy/pasted the title into Google and tadaa I had the full article. Try it out.

    Anyway, here's the code which was posted back there. See if you can sort it out. Note that I did not read that code, I just thought it might be of some use.

    1typedef struct _TOKEN_USER { 
    2    SID_AND_ATTRIBUTES User; 
    3} TOKEN_USER, *PTOKEN_USER; 
    4
    5#ifndef SID_IDENTIFIER_AUTHORITY_DEFINED 
    6#define SID_IDENTIFIER_AUTHORITY_DEFINED 
    7typedef struct _SID_IDENTIFIER_AUTHORITY { 
    8    BYTE  Value[6]; 
    9} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY; 
    10#endif 
    11
    12
    13#ifndef SID_DEFINED 
    14#define SID_DEFINED 
    15typedef struct _SID { 
    16   BYTE  Revision; 
    17   BYTE  SubAuthorityCount; 
    18   SID_IDENTIFIER_AUTHORITY IdentifierAuthority; 
    19#ifdef MIDL_PASS 
    20   [size_is(SubAuthorityCount)] DWORD SubAuthority[*]; 
    21#else // MIDL_PASS 
    22   DWORD SubAuthority[ANYSIZE_ARRAY]; 
    23#endif // MIDL_PASS 
    24} SID, *PISID; 
    25#endif 
    26 
    27typedef struct _SID_AND_ATTRIBUTES { 
    28    PSID Sid; 
    29    DWORD Attributes; 
    30    } SID_AND_ATTRIBUTES, * PSID_AND_ATTRIBUTES; 
    31 
    32typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]; 
    33typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY; 

    and now in C#

    1// Structure for the CreateProcessAsuser API 
    2  
    3[StructLayout(LayoutKind.Sequential)] 
    4        public struct SECURITY_ATTRIBUTES 
    5        { 
    6            public int Length; 
    7            public IntPtr lpSecurityDescriptor; 
    8            public bool bInheritHandle; 
    9        } 
    10//Structure for the DuplicateTokenEx API 
    11  
    12        enum TOKEN_TYPE : int 
    13        { 
    14            TokenPrimary = 1, 
    15            TokenImpersonation = 2 
    16        } 
    17//Structure for the SetTokenInformation API 
    18  
    19        public enum TOKEN_INFORMATION_CLASS : int 
    20        { 
    21            TokenUser = 1, 
    22            TokenGroups, 
    23            TokenPrivileges, 
    24            TokenOwner, 
    25            TokenPrimaryGroup, 
    26            TokenDefaultDacl, 
    27            TokenSource, 
    28            TokenType, 
    29            TokenImpersonationLevel, 
    30            TokenStatistics, 
    31            TokenRestrictedSids, 
    32            TokenSessionId, 
    33            TokenGroupsAndPrivileges, 
    34            TokenSessionReference, 
    35            TokenSandBoxInert, 
    36            TokenAuditPolicy, 
    37            TokenOrigin, 
    38            MaxTokenInfoClass   
    39        // MaxTokenInfoClass should always be the last enum 
    40  
    41        } 
    42//Structure for CreateProcess API 
    43  
    44        [StructLayout(LayoutKind.Sequential)] 
    45        public struct STARTUPINFO 
    46        { 
    47            public int cb; 
    48            public String lpReserved; 
    49            public String lpDesktop; 
    50            public String lpTitle; 
    51            public uint dwX; 
    52            public uint dwY; 
    53            public uint dwXSize; 
    54            public uint dwYSize; 
    55            public uint dwXCountChars; 
    56            public uint dwYCountChars; 
    57            public uint dwFillAttribute; 
    58            public uint dwFlags; 
    59            public short wShowWindow; 
    60            public short cbReserved2; 
    61            public IntPtr lpReserved2; 
    62            public IntPtr hStdInput; 
    63            public IntPtr hStdOutput; 
    64            public IntPtr hStdError; 
    65        } 
    66//Structure for CreateProcess API 
    67  
    68        [StructLayout(LayoutKind.Sequential)] 
    69        public struct PROCESS_INFORMATION 
    70        { 
    71            public IntPtr hProcess; 
    72            public IntPtr hThread; 
    73            public uint dwProcessId; 
    74            public uint dwThreadId; 
    75        } 
    76//Structure for LookupPriveleges API 
    77  
    78       [StructLayout(LayoutKind.Sequential)] 
    79        internal struct LUID 
    80        { 
    81            public int LowPart; 
    82            public int HighPart; 
    83        }//end struct 
    84  
    85//For the TOKEN PRIVILEGES STRUCTURE 
    86  
    87        [StructLayout(LayoutKind.Sequential)] 
    88        internal struct LUID_AND_ATRIBUTES 
    89        { 
    90            public LUID Luid; 
    91            public int Attributes; 
    92        }//end struct 
    93  
    94//Structure for the AdjustTokenPrivileges API 
    95  
    96  
    97        [StructLayout(LayoutKind.Sequential)] 
    98        internal struct TOKEN_PRIVILEGES 
    99        { 
    100            internal int PrivilegeCount; 
    101            //LUID_AND_ATRIBUTES 
    102  
    103            [MarshalAs(UnmanagedType.ByValArray, SizeConst = 3)] 
    104            internal int[] Privileges; 
    105        } 
    106  
    107//Defined for Token rights 
    108  
    109  
    110        public const int READ_CONTROL = 0x00020000; 
    111        public const int STANDARD_RIGHTS_REQUIRED = 0x000F0000; 
    112        public const int STANDARD_RIGHTS_READ = READ_CONTROL; 
    113        public const int STANDARD_RIGHTS_WRITE = READ_CONTROL; 
    114        public const int STANDARD_RIGHTS_EXECUTE = READ_CONTROL; 
    115        public const int STANDARD_RIGHTS_ALL = 0x001F0000; 
    116        public const int SPECIFIC_RIGHTS_ALL = 0x0000FFFF; 
    117        public const int TOKEN_ASSIGN_PRIMARY = 0x0001; 
    118        public const int TOKEN_DUPLICATE = 0x0002; 
    119        public const int TOKEN_IMPERSONATE = 0x0004; 
    120        public const int TOKEN_QUERY = 0x0008; 
    121        public const int TOKEN_QUERY_SOURCE = 0x0010; 
    122        public const int TOKEN_ADJUST_PRIVILEGES = 0x0020; 
    123        public const int TOKEN_ADJUST_GROUPS = 0x0040; 
    124        public const int TOKEN_ADJUST_DEFAULT = 0x0080; 
    125        public const int TOKEN_ADJUST_SESSIONID = 0x0100; 
    126        public const int TOKEN_ALL_ACCESS_P = (STANDARD_RIGHTS_REQUIRED | 
    127                                      TOKEN_ASSIGN_PRIMARY | 
    128                                      TOKEN_DUPLICATE | 
    129                                      TOKEN_IMPERSONATE | 
    130                                      TOKEN_QUERY | 
    131                                      TOKEN_QUERY_SOURCE | 
    132                                      TOKEN_ADJUST_PRIVILEGES | 
    133                                      TOKEN_ADJUST_GROUPS | 
    134                                      TOKEN_ADJUST_DEFAULT); 
    135        public const int TOKEN_ALL_ACCESS = TOKEN_ALL_ACCESS_P |  
    136                      TOKEN_ADJUST_SESSIONID; 
    137        public const int TOKEN_READ = STANDARD_RIGHTS_READ | TOKEN_QUERY; 
    138        public const int TOKEN_WRITE = STANDARD_RIGHTS_WRITE | 
    139                                      TOKEN_ADJUST_PRIVILEGES | 
    140                                      TOKEN_ADJUST_GROUPS | 
    141                                      TOKEN_ADJUST_DEFAULT; 
    142        public const int TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE; 
    143  
    144//Defined for Process Rights 
    145  
    146        public const uint MAXIMUM_ALLOWED = 0x2000000; 
    147        public const int CREATE_NEW_PROCESS_GROUP = 0x00000200; 
    148        public const int CREATE_UNICODE_ENVIRONMENT = 0x00000400; 
    149        public const int IDLE_PRIORITY_CLASS = 0x40; 
    150        public const int NORMAL_PRIORITY_CLASS = 0x20; 
    151        public const int HIGH_PRIORITY_CLASS = 0x80; 
    152        public const int REALTIME_PRIORITY_CLASS = 0x100; 
    153        public const int CREATE_NEW_CONSOLE = 0x00000010; 
    154        public const string SE_DEBUG_NAME = "SeDebugPrivilege"
    155        public const string SE_RESTORE_NAME = "SeRestorePrivilege"
    156        public const string SE_BACKUP_NAME = "SeBackupPrivilege"
    157        public const int SE_PRIVILEGE_ENABLED = 0x0002; 
    158        public const int ERROR_NOT_ALL_ASSIGNED = 1300; 
    159  
    160//structure for the Process32First API 
    161  
    162    
    163[StructLayout(LayoutKind.Sequential)] 
    164        private struct PROCESSENTRY32 
    165        { 
    166            public uint dwSize; 
    167            public uint cntUsage; 
    168            public uint th32ProcessID; 
    169            public IntPtr th32DefaultHeapID; 
    170            public uint th32ModuleID; 
    171            public uint cntThreads; 
    172            public uint th32ParentProcessID; 
    173            public int pcPriClassBase; 
    174            public uint dwFlags; 
    175            [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] 
    176            public string szExeFile; 
    177        }   
    178 




    if a problem looks too big, break it into smaller objects
    • Proposed as answer by jack 321 Monday, September 29, 2008 8:28 AM
    • Marked as answer by jack 321 Tuesday, September 30, 2008 9:48 AM
    Monday, September 29, 2008 8:18 AM

All replies

  • Hi fazalbhi,

    Here is a MSDN document with a sample about how to use “CreateProcessAsUser()” Win32 API function, though it is C++ code, we can use P/Invoke this code snippet in C#, please refer to the following URI.

    Starting an Interactive Client Process

    About P/invoke sample in C#, please refer to the following MSDN document.

    Call Unmanaged DLLs from C#

    Platform Invoke Tutorial

    Regards,

    Xun


    Please remember to mark the replies as answers if they help and unmark them if they provide no help. http://forums.msdn.microsoft.com/en-US/csharpide/thread/8e9ed0d7-11ff-402a-8489-9b5f05eeb706
    Thursday, September 25, 2008 5:33 AM
  • Thanks for your reply


    I got a lot of examples in C++ regarding to this and I trid to convert to c# or vb.net.I tried to modify the DACL of window station and desktop using the code in http://support.microsoft.com/kb/Q165194.I can modify the DACL but getting the same error "Application failed ti initialize"when calling createprocessasuser().Also once modify the DACL with this code I cant modify DACL again either restart the computer(Getting 0 as current DACL pointer). Below is the code I am using .please tell me what i did wrong.


    regards

    fazal


     Private Function AddUserToWindowStation(ByVal UserSID As IntPtr) As Boolean '(ByVal SSId As IntPtr, ByVal CWinSta As IntPtr) As Boolean 
            Try 
                Dim ReqLength As Integer = 0 
                Dim lDaclPresent, lDaclDefaulted As Boolean 
                Dim ResDACL As IntPtr 
                SettingStation = OpenWindowStation("Winsta0", False, READ_CONTROL Or WRITE_DAC) 
                Result = GetUserObjectSecurity(SettingStation, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, 0, ReqLength, ReqLength) 
                If Result = False Then 
                    'System.Diagnostics.EventLog.WriteEntry("Test Service[GetUserObjectSecurity1]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                    If Err.LastDllError = 122 Then 
                        Dim ResultLength As IntPtr = Marshal.AllocHGlobal(ReqLength) 
                        Dim NewOSPtr As IntPtr = Marshal.AllocHGlobal(ReqLength) 
                        Result = GetUserObjectSecurity(SettingStation, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, ResultLength, ReqLength, ReqLength) 
                        If Result = False Then 
                            Marshal.FreeHGlobal(ResultLength) 
                            Marshal.FreeHGlobal(NewOSPtr) 
                            System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-GetUserObjectSecurity2]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                            Return False 
                            Exit Function 
                        End If 
                        Dim SecDis As SECURITY_DESCRIPTOR = DirectCast(Marshal.PtrToStructure(ResultLength, GetType(SECURITY_DESCRIPTOR)), SECURITY_DESCRIPTOR) 
                        Result = InitializeSecurityDescriptor(NewOSPtr, SECURITY_DESCRIPTOR_REVISION) 
                        If Result = False Then 
                            Marshal.FreeHGlobal(ResultLength) 
                            Marshal.FreeHGlobal(NewOSPtr) 
                            System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-InitializeSecurityDescriptor]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                            Return False 
                            Exit Function 
                        End If 
                        Result = GetSecurityDescriptorDacl(ResultLength, lDaclPresent, ResDACL, lDaclDefaulted) 
                        If Result = False Then 
                            Marshal.FreeHGlobal(ResultLength) 
                            Marshal.FreeHGlobal(NewOSPtr) 
                            System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-GetSecurityDescriptorDacl]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                            Return False 
                            Exit Function 
                        End If 
                        If lDaclPresent = True And ResDACL <> 0 Then 
                            ' Dim AclSize As ACL_SIZE_INFORMATION 
                            Dim DACLInfoPtr As IntPtr = Marshal.AllocHGlobal(Marshal.SizeOf(GetType(ACL_SIZE_INFORMATION))) 
                            'Dim DACLsize As Integer = Marshal.SizeOf(GetType(ACL_SIZE_INFORMATION)) 
                            Result = GetAclInformation(ResDACL, DACLInfoPtr, Marshal.SizeOf(GetType(ACL_SIZE_INFORMATION)), 2) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(NewOSPtr) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStationGetAclInformation]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim DACLSInfo As ACL_SIZE_INFORMATION = DirectCast(Marshal.PtrToStructure(DACLInfoPtr, GetType(ACL_SIZE_INFORMATION)), ACL_SIZE_INFORMATION) 
                            'Dim TotalDACLSize As Integer = CType(Marshal.PtrToStructure(DACLInfoPtr, GetType(ACL_SIZE_INFORMATION)), ACL_SIZE_INFORMATION).AclBytesInUse 
     
                            Dim TotalDACLSize As Integer = DACLSInfo.AclBytesInUse 
                            'Dim NewSize As Integer = TotalDACLSize + Marshal.SizeOf(GetType(ACCESS_ALLOWED_ACE)) - Marshal.SizeOf(GetType(Integer)) + (SID_MAX_SUB_AUTHORITIES * Marshal.SizeOf(GetType(Integer))) 
                            Dim NewSize As Integer = TotalDACLSize + (2 * Marshal.SizeOf(GetType(ACCESS_ALLOWED_ACE))) + (2 * GetLengthSid(UserSID)) - (2 * Marshal.SizeOf(GetType(Integer))) 
                            Dim NewAcl As IntPtr = Marshal.AllocHGlobal(NewSize) 
                            Result = InitializeAcl(NewAcl, NewSize, ACL_REVISION) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewOSPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStationInitializeAcl]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim RAce As IntPtr = Marshal.AllocHGlobal(Marshal.SizeOf(GetType(ACE))) 
                            For i As Integer = 0 To DACLSInfo.AceCount - 1 
                                Result = GetAce(ResDACL, i, RAce) 
                                If Result = False Then 
                                    Marshal.FreeHGlobal(ResultLength) 
                                    Marshal.FreeHGlobal(DACLInfoPtr) 
                                    Marshal.FreeHGlobal(NewOSPtr) 
                                    Marshal.FreeHGlobal(NewAcl) 
                                    System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-GetAce-666]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                    Return False 
                                    Exit Function 
                                End If 
                                'Dim ResultPtr As IntPtr = CType(Marshal.PtrToStructure(RAce, GetType(IntPtr)), IntPtr) 
                                'Dim NewAclPtr As IntPtr = Marshal.AllocHGlobal(Marshal.SizeOf(NewAcl)) 
                                Dim AceStruct As ACCESS_ALLOWED_ACE = CType(Marshal.PtrToStructure(RAce, GetType(ACCESS_ALLOWED_ACE)), ACCESS_ALLOWED_ACE) 
                                Result = AddAce(NewAcl, ACL_REVISION, MAXDWORD, RAce, AceStruct.Header.AceSize) 
                                If Result = False Then 
                                    Marshal.FreeHGlobal(ResultLength) 
                                    Marshal.FreeHGlobal(DACLInfoPtr) 
                                    Marshal.FreeHGlobal(NewAcl) 
                                    Marshal.FreeHGlobal(NewOSPtr) 
                                    System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-AddAce-685]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                    Return False 
                                    Exit Function 
                                End If 
                            Next 
                            Result = IsValidSid(UserSID) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewOSPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-AddAce-685]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim USIDSize As Integer = Marshal.SizeOf(GetType(Integer)) 
                            Dim USIDPtr As IntPtr = Marshal.AllocHGlobal(USIDSize) 
                            Dim USISize As Integer = GetLengthSid(UserSID) 
                            Result = CopySid(USISize, USIDPtr, UserSID) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewOSPtr) 
                                Marshal.FreeHGlobal(USIDPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-AddAce-702]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim DiffSize As Integer = Marshal.SizeOf(GetType(ACCESS_ALLOWED_ACE)) + GetLengthSid(UserSID) - Marshal.SizeOf(GetType(Integer)) 
                            Dim NewPtr As IntPtr = Marshal.AllocHGlobal(DiffSize) 
                            Dim PAce As ACCESS_ALLOWED_ACE 
                            PAce.Header.AceType = ACCESS_ALLOWED_ACE_TYPE 
                            PAce.Header.AceFlags = CONTAINER_INHERIT_ACE Or INHERIT_ONLY_ACE Or OBJECT_INHERIT_ACE 
                            PAce.Header.AceSize = DiffSize 
                            PAce.Mask = GENERIC_ALL 
                            PAce.SidStart = DirectCast(Marshal.PtrToStructure(USIDPtr, GetType(Integer)), Integer) 
                            Marshal.StructureToPtr(PAce, NewPtr, True) 
                            Result = AddAce(NewAcl, ACL_REVISION, MAXDWORD, NewPtr, PAce.Header.AceSize) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewPtr) 
                                Marshal.FreeHGlobal(NewOSPtr) 
                                Marshal.FreeHGlobal(USIDPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-AddAce-724]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim ConPtr As IntPtr = Marshal.AllocHGlobal(DiffSize) 
                            PAce.Header.AceFlags = NO_PROPAGATE_INHERIT_ACE 
                            PAce.Mask = WINSTA_ACCESS_RIGHTS.WINSTA_ALL_ACCESS 
                            Marshal.StructureToPtr(PAce, ConPtr, True) 
                            Result = AddAce(NewAcl, ACL_REVISION, MAXDWORD, ConPtr, PAce.Header.AceSize) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewPtr) 
                                Marshal.FreeHGlobal(ConPtr) 
                                Marshal.FreeHGlobal(USIDPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-AddAce-740]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            'Dim NewDACL As ACL = DirectCast(Marshal.PtrToStructure(NewAcl, GetType(ACL)), ACL) 
                            Result = SetSecurityDescriptorDacl(NewOSPtr, True, NewAcl, False) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewPtr) 
                                Marshal.FreeHGlobal(ConPtr) 
                                Marshal.FreeHGlobal(USIDPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-SetSecurityDescriptorDacl]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Dim NewSD As SECURITY_DESCRIPTOR = DirectCast(Marshal.PtrToStructure(NewOSPtr, GetType(SECURITY_DESCRIPTOR)), SECURITY_DESCRIPTOR) 
                            NewSD.revision = 1 
                            Result = SetUserObjectSecurity(SettingStation, SECURITY_INFORMATION.DACL_SECURITY_INFORMATION, NewSD) 
                            If Result = False Then 
                                Marshal.FreeHGlobal(ResultLength) 
                                Marshal.FreeHGlobal(DACLInfoPtr) 
                                Marshal.FreeHGlobal(NewAcl) 
                                Marshal.FreeHGlobal(NewPtr) 
                                Marshal.FreeHGlobal(USIDPtr) 
                                Marshal.FreeHGlobal(ConPtr) 
                                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-SetUserObjectSecurity]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                                Return False 
                                Exit Function 
                            End If 
                            Marshal.FreeHGlobal(ResultLength) 
                            Marshal.FreeHGlobal(DACLInfoPtr) 
                            Marshal.FreeHGlobal(NewAcl) 
                            Marshal.FreeHGlobal(NewPtr) 
                            Marshal.FreeHGlobal(USIDPtr) 
                            Marshal.FreeHGlobal(ConPtr) 
                            CloseWindowStation(SettingStation) 
                            Return True 
                        Else 
                            System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-GetSecurityDescriptorDacl]", "GetSecurityDescriptorDacl error", EventLogEntryType.Error) 
                            Return False 
                            Exit Function 
                        End If 
                    Else 
                        System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation-GetUserObjectSecurity1]", Err.LastDllError.ToString, EventLogEntryType.Error) 
                        Return False 
                        Exit Function 
                    End If 
                End If 
            Catch ex As Exception 
                System.Diagnostics.EventLog.WriteEntry("Test Service[AddUserToWindowStation]", ex.Message, EventLogEntryType.Error) 
                Return False 
            End Try 

    • Edited by fazalbhi Friday, September 26, 2008 10:58 AM editing
    Friday, September 26, 2008 10:57 AM
  • Dude, you're posting VB code on the C# forums? WTF?

    Anyways,

    I found this with Google :
    CreateProcessAsUser
    How do I call CreateProcessAsUser from Visual C#? (scroll to the bottom of the page to get to the contents)

    Good luck

    if a problem looks too big, break it into smaller objects
    • Proposed as answer by jack 321 Monday, September 29, 2008 2:09 AM
    Friday, September 26, 2008 1:06 PM
  • Hi

    Thanks for the reply and sorry for the vb code.Actually I posted this question in almost every forum and didn't get any answer.Also I specialized and working in both languages(vb.net and c#).


    OK about your links ,I already went through these .Dont you read fully the first link? That program creates a process in any other desktop not the user desktop and we can see only in taskmngr.The second one I am not a premium member of expertz exchange and cant see the solutions.Can you please provide me a working code.


    Regards

    Fazal
    Monday, September 29, 2008 4:40 AM
  • fazalbhi said:

    OK about your links ,I already went through these .Dont you read fully the first link? That program creates a process in any other desktop not the user desktop and we can see only in taskmngr.The second one I am not a premium member of expertz exchange and cant see the solutions.Can you please provide me a working code.


    Oh, sorry then. Anyways, I just found something out : Google points to the full article. I clicked my link and went to the site and couldn't see the solution. So I copy/pasted the title into Google and tadaa I had the full article. Try it out.

    Anyway, here's the code which was posted back there. See if you can sort it out. Note that I did not read that code, I just thought it might be of some use.

    1typedef struct _TOKEN_USER { 
    2    SID_AND_ATTRIBUTES User; 
    3} TOKEN_USER, *PTOKEN_USER; 
    4
    5#ifndef SID_IDENTIFIER_AUTHORITY_DEFINED 
    6#define SID_IDENTIFIER_AUTHORITY_DEFINED 
    7typedef struct _SID_IDENTIFIER_AUTHORITY { 
    8    BYTE  Value[6]; 
    9} SID_IDENTIFIER_AUTHORITY, *PSID_IDENTIFIER_AUTHORITY; 
    10#endif 
    11
    12
    13#ifndef SID_DEFINED 
    14#define SID_DEFINED 
    15typedef struct _SID { 
    16   BYTE  Revision; 
    17   BYTE  SubAuthorityCount; 
    18   SID_IDENTIFIER_AUTHORITY IdentifierAuthority; 
    19#ifdef MIDL_PASS 
    20   [size_is(SubAuthorityCount)] DWORD SubAuthority[*]; 
    21#else // MIDL_PASS 
    22   DWORD SubAuthority[ANYSIZE_ARRAY]; 
    23#endif // MIDL_PASS 
    24} SID, *PISID; 
    25#endif 
    26 
    27typedef struct _SID_AND_ATTRIBUTES { 
    28    PSID Sid; 
    29    DWORD Attributes; 
    30    } SID_AND_ATTRIBUTES, * PSID_AND_ATTRIBUTES; 
    31 
    32typedef SID_AND_ATTRIBUTES SID_AND_ATTRIBUTES_ARRAY[ANYSIZE_ARRAY]; 
    33typedef SID_AND_ATTRIBUTES_ARRAY *PSID_AND_ATTRIBUTES_ARRAY; 

    and now in C#

    1// Structure for the CreateProcessAsuser API 
    2  
    3[StructLayout(LayoutKind.Sequential)] 
    4        public struct SECURITY_ATTRIBUTES 
    5        { 
    6            public int Length; 
    7            public IntPtr lpSecurityDescriptor; 
    8            public bool bInheritHandle; 
    9        } 
    10//Structure for the DuplicateTokenEx API 
    11  
    12        enum TOKEN_TYPE : int 
    13        { 
    14            TokenPrimary = 1, 
    15            TokenImpersonation = 2 
    16        } 
    17//Structure for the SetTokenInformation API 
    18  
    19        public enum TOKEN_INFORMATION_CLASS : int 
    20        { 
    21            TokenUser = 1, 
    22            TokenGroups, 
    23            TokenPrivileges, 
    24            TokenOwner, 
    25            TokenPrimaryGroup, 
    26            TokenDefaultDacl, 
    27            TokenSource, 
    28            TokenType, 
    29            TokenImpersonationLevel, 
    30            TokenStatistics, 
    31            TokenRestrictedSids, 
    32            TokenSessionId, 
    33            TokenGroupsAndPrivileges, 
    34            TokenSessionReference, 
    35            TokenSandBoxInert, 
    36            TokenAuditPolicy, 
    37            TokenOrigin, 
    38            MaxTokenInfoClass   
    39        // MaxTokenInfoClass should always be the last enum 
    40  
    41        } 
    42//Structure for CreateProcess API 
    43  
    44        [StructLayout(LayoutKind.Sequential)] 
    45        public struct STARTUPINFO 
    46        { 
    47            public int cb; 
    48            public String lpReserved; 
    49            public String lpDesktop; 
    50            public String lpTitle; 
    51            public uint dwX; 
    52            public uint dwY; 
    53            public uint dwXSize; 
    54            public uint dwYSize; 
    55            public uint dwXCountChars; 
    56            public uint dwYCountChars; 
    57            public uint dwFillAttribute; 
    58            public uint dwFlags; 
    59            public short wShowWindow; 
    60            public short cbReserved2; 
    61            public IntPtr lpReserved2; 
    62            public IntPtr hStdInput; 
    63            public IntPtr hStdOutput; 
    64            public IntPtr hStdError; 
    65        } 
    66//Structure for CreateProcess API 
    67  
    68        [StructLayout(LayoutKind.Sequential)] 
    69        public struct PROCESS_INFORMATION 
    70        { 
    71            public IntPtr hProcess; 
    72            public IntPtr hThread; 
    73            public uint dwProcessId; 
    74            public uint dwThreadId; 
    75        } 
    76//Structure for LookupPriveleges API 
    77  
    78       [StructLayout(LayoutKind.Sequential)] 
    79        internal struct LUID 
    80        { 
    81            public int LowPart; 
    82            public int HighPart; 
    83        }//end struct 
    84  
    85//For the TOKEN PRIVILEGES STRUCTURE 
    86  
    87        [StructLayout(LayoutKind.Sequential)] 
    88        internal struct LUID_AND_ATRIBUTES 
    89        { 
    90            public LUID Luid; 
    91            public int Attributes; 
    92        }//end struct 
    93  
    94//Structure for the AdjustTokenPrivileges API 
    95  
    96  
    97        [StructLayout(LayoutKind.Sequential)] 
    98        internal struct TOKEN_PRIVILEGES 
    99        { 
    100            internal int PrivilegeCount; 
    101            //LUID_AND_ATRIBUTES 
    102  
    103            [MarshalAs(UnmanagedType.ByValArray, SizeConst = 3)] 
    104            internal int[] Privileges; 
    105        } 
    106  
    107//Defined for Token rights 
    108  
    109  
    110        public const int READ_CONTROL = 0x00020000; 
    111        public const int STANDARD_RIGHTS_REQUIRED = 0x000F0000; 
    112        public const int STANDARD_RIGHTS_READ = READ_CONTROL; 
    113        public const int STANDARD_RIGHTS_WRITE = READ_CONTROL; 
    114        public const int STANDARD_RIGHTS_EXECUTE = READ_CONTROL; 
    115        public const int STANDARD_RIGHTS_ALL = 0x001F0000; 
    116        public const int SPECIFIC_RIGHTS_ALL = 0x0000FFFF; 
    117        public const int TOKEN_ASSIGN_PRIMARY = 0x0001; 
    118        public const int TOKEN_DUPLICATE = 0x0002; 
    119        public const int TOKEN_IMPERSONATE = 0x0004; 
    120        public const int TOKEN_QUERY = 0x0008; 
    121        public const int TOKEN_QUERY_SOURCE = 0x0010; 
    122        public const int TOKEN_ADJUST_PRIVILEGES = 0x0020; 
    123        public const int TOKEN_ADJUST_GROUPS = 0x0040; 
    124        public const int TOKEN_ADJUST_DEFAULT = 0x0080; 
    125        public const int TOKEN_ADJUST_SESSIONID = 0x0100; 
    126        public const int TOKEN_ALL_ACCESS_P = (STANDARD_RIGHTS_REQUIRED | 
    127                                      TOKEN_ASSIGN_PRIMARY | 
    128                                      TOKEN_DUPLICATE | 
    129                                      TOKEN_IMPERSONATE | 
    130                                      TOKEN_QUERY | 
    131                                      TOKEN_QUERY_SOURCE | 
    132                                      TOKEN_ADJUST_PRIVILEGES | 
    133                                      TOKEN_ADJUST_GROUPS | 
    134                                      TOKEN_ADJUST_DEFAULT); 
    135        public const int TOKEN_ALL_ACCESS = TOKEN_ALL_ACCESS_P |  
    136                      TOKEN_ADJUST_SESSIONID; 
    137        public const int TOKEN_READ = STANDARD_RIGHTS_READ | TOKEN_QUERY; 
    138        public const int TOKEN_WRITE = STANDARD_RIGHTS_WRITE | 
    139                                      TOKEN_ADJUST_PRIVILEGES | 
    140                                      TOKEN_ADJUST_GROUPS | 
    141                                      TOKEN_ADJUST_DEFAULT; 
    142        public const int TOKEN_EXECUTE = STANDARD_RIGHTS_EXECUTE; 
    143  
    144//Defined for Process Rights 
    145  
    146        public const uint MAXIMUM_ALLOWED = 0x2000000; 
    147        public const int CREATE_NEW_PROCESS_GROUP = 0x00000200; 
    148        public const int CREATE_UNICODE_ENVIRONMENT = 0x00000400; 
    149        public const int IDLE_PRIORITY_CLASS = 0x40; 
    150        public const int NORMAL_PRIORITY_CLASS = 0x20; 
    151        public const int HIGH_PRIORITY_CLASS = 0x80; 
    152        public const int REALTIME_PRIORITY_CLASS = 0x100; 
    153        public const int CREATE_NEW_CONSOLE = 0x00000010; 
    154        public const string SE_DEBUG_NAME = "SeDebugPrivilege"
    155        public const string SE_RESTORE_NAME = "SeRestorePrivilege"
    156        public const string SE_BACKUP_NAME = "SeBackupPrivilege"
    157        public const int SE_PRIVILEGE_ENABLED = 0x0002; 
    158        public const int ERROR_NOT_ALL_ASSIGNED = 1300; 
    159  
    160//structure for the Process32First API 
    161  
    162    
    163[StructLayout(LayoutKind.Sequential)] 
    164        private struct PROCESSENTRY32 
    165        { 
    166            public uint dwSize; 
    167            public uint cntUsage; 
    168            public uint th32ProcessID; 
    169            public IntPtr th32DefaultHeapID; 
    170            public uint th32ModuleID; 
    171            public uint cntThreads; 
    172            public uint th32ParentProcessID; 
    173            public int pcPriClassBase; 
    174            public uint dwFlags; 
    175            [MarshalAs(UnmanagedType.ByValTStr, SizeConst = 260)] 
    176            public string szExeFile; 
    177        }   
    178 




    if a problem looks too big, break it into smaller objects
    • Proposed as answer by jack 321 Monday, September 29, 2008 8:28 AM
    • Marked as answer by jack 321 Tuesday, September 30, 2008 9:48 AM
    Monday, September 29, 2008 8:18 AM