How to launch an application with elevated administrator account privilege from a Windows service even if the account has not yet logged on

Here is the case:
OS environment: Windows 7
There are two user accounts in my system, standard user "S" and administrator account "A", and there is a Windows service running with "Local System" privilege.
Now I am logged in with account "S", and I want to launch an application with elevated administrator account "A" from that service program, so here is the code snippet:
    #include <windows.h>
    #include <wtsapi32.h>   // WTSEnumerateSessions, WTSFreeMemory
    #include <userenv.h>    // CreateEnvironmentBlock, DestroyEnvironmentBlock

    // LOG_FAILED is the poster's own logging macro; its definition is not shown.

    int LaunchAppWithElevatedPrivilege (
        LPTSTR lpszUsername,    // client to log on
        LPTSTR lpszDomain,      // domain of client's account
        LPTSTR lpszPassword,    // client's password
        LPTSTR lpCommandLine    // command line to execute e.g. L"C:\\windows\\regedit.exe"
        )
    {
        DWORD dwExitCode = 0;
        HANDLE hToken = NULL;
        HANDLE hFullToken = NULL;
        HANDLE hPrimaryFullToken = NULL;
        BOOL bResult = FALSE;
        DWORD dwLength = 0;
        DWORD dwSessionId = 0;
        LPVOID pEnv = NULL;
        DWORD dwCreationFlags = 0;
        PROCESS_INFORMATION pi = {0};
        STARTUPINFO si = {0};

        __try
        {
            // Log account "A" on; under UAC this yields the filtered token.
            if (!LogonUser( lpszUsername,
                            lpszDomain,
                            lpszPassword,
                            LOGON32_LOGON_INTERACTIVE,
                            LOGON32_PROVIDER_DEFAULT,
                            &hToken))
            {
                LOG_FAILED(L"LogonUser failed!");
                __leave;
            }

            // TokenLinkedToken (value 19) returns the linked, full token.
            if( !GetTokenInformation(hToken, TokenLinkedToken, (VOID*)&hFullToken,
                                     sizeof(HANDLE), &dwLength))
            {
                LOG_FAILED(L"GetTokenInformation failed!");
                __leave;
            }

            if(!DuplicateTokenEx(hFullToken, MAXIMUM_ALLOWED, NULL,
                                 SecurityIdentification, TokenPrimary, &hPrimaryFullToken))
            {
                LOG_FAILED(L"DuplicateTokenEx failed!");
                __leave;
            }

            // Find the active interactive session to place the process in.
            WTS_SESSION_INFO* sessionInfo = NULL;
            DWORD ndSessionInfoCount;
            bResult = WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &sessionInfo, &ndSessionInfoCount);
            if (!bResult)
            {
                dwSessionId = WTSGetActiveConsoleSessionId();
            }
            else
            {
                for(unsigned int i=0; i<ndSessionInfoCount; i++)
                {
                    if( sessionInfo[i].State == WTSActive )
                        dwSessionId = sessionInfo[i].SessionId;
                }
                WTSFreeMemory(sessionInfo);   // release the enumeration buffer
            }

            if(0 == dwSessionId)
            {
                LOG_FAILED(L"Get active session id failed!");
                __leave;
            }

            if(!SetTokenInformation(hPrimaryFullToken, TokenSessionId, &dwSessionId, sizeof(DWORD)))
            {
                LOG_FAILED(L"SetTokenInformation failed!");
                __leave;
            }

            if(CreateEnvironmentBlock(&pEnv, hPrimaryFullToken, FALSE))
                dwCreationFlags |= CREATE_UNICODE_ENVIRONMENT;
            else
                pEnv=NULL;

            if (! ImpersonateLoggedOnUser(hPrimaryFullToken) )
            {
                LOG_FAILED(L"ImpersonateLoggedOnUser failed!");
                __leave;
            }

            si.cb= sizeof(STARTUPINFO);
            si.lpDesktop = L"winsta0\\default";
            bResult = CreateProcessAsUser(
                hPrimaryFullToken,  // client's access token
                NULL,               // file to execute
                lpCommandLine,      // command line
                NULL,               // pointer to process SECURITY_ATTRIBUTES
                NULL,               // pointer to thread SECURITY_ATTRIBUTES
                FALSE,              // handles are not inheritable
                dwCreationFlags,    // creation flags
                pEnv,               // pointer to new environment block
                NULL,               // name of current directory
                &si,                // pointer to STARTUPINFO structure
                &pi                 // receives information about new process
                );
            RevertToSelf();

            if (bResult && pi.hProcess != NULL)
            {
                WaitForSingleObject(pi.hProcess, INFINITE);
                GetExitCodeProcess(pi.hProcess, &dwExitCode);
            }
            else
            {
                LOG_FAILED(L"CreateProcessAsUser failed!");
            }
        }
        __finally
        {
            // pi is zero-initialized, so unused handles are NULL.
            if (pi.hProcess != NULL)
                CloseHandle(pi.hProcess);
            if (pi.hThread != NULL)
                CloseHandle(pi.hThread);
            if(pEnv)
                DestroyEnvironmentBlock(pEnv);
            if(hToken)
                CloseHandle(hToken);
            if(hFullToken)
                CloseHandle(hFullToken);
            if(hPrimaryFullToken)
                CloseHandle(hPrimaryFullToken);
        }
        return dwExitCode;
    }

I passed in the username and password of account "A" to the method "LaunchAppWithElevatedPrivilege", and also the application I want to launch, e.g. "C:\windows\regedit.exe", but when I run the service program, I found it does launch "regedit.exe" with elevated account "A", but the content of regedit.exe is pure black. Screenshot as below:
Can anyone help me on this?

Your code is not dealing with the DACL access to Winsta0\Default. Only the LocalSystem account and the interactively logged-on user will have full access, which is why regedit is not displaying properly. You'll need to grant access to your user.
You also need to deal with UAC since that code is going to give you a non-elevated token via LogonUser(). You need to get the full token via a call to GetTokenInformation() + TokenLinkedToken.
thanks
Frank K [MSFT]
Follow us on Twitter, www.twitter.com/WindowsSDK.
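
The UAC point in the reply above, as an added example that is not part of the original thread or Microsoft's code: check TokenElevationType first and only ask for TokenLinkedToken when the LogonUser token is the filtered half of a split token, because accounts without a split token have no linked token to fetch. The names `choose_token_action` and `GetLaunchToken` are hypothetical, and the Win32 part compiles only on Windows.

```c
#include <stddef.h>
#ifdef _WIN32
#include <windows.h>
#endif

/* Values of TOKEN_ELEVATION_TYPE as defined in winnt.h. */
enum { ELEV_DEFAULT = 1, ELEV_FULL = 2, ELEV_LIMITED = 3 };

typedef enum { USE_TOKEN_AS_IS, USE_LINKED_TOKEN, REJECT_TOKEN } token_action;

/* Decide what to do with a LogonUser token before CreateProcessAsUser. */
token_action choose_token_action(int elevation_type)
{
    switch (elevation_type) {
    case ELEV_LIMITED: return USE_LINKED_TOKEN; /* UAC-filtered administrator   */
    case ELEV_FULL:                             /* already the elevated token   */
    case ELEV_DEFAULT: return USE_TOKEN_AS_IS;  /* no split token for this user */
    default:           return REJECT_TOKEN;     /* unknown value: fail closed   */
    }
}

#ifdef _WIN32
/* Returns a primary token for CreateProcessAsUser, or NULL on failure.
 * The caller closes it. A caller holding SeTcbPrivilege (LocalSystem does)
 * receives a usable primary linked token; other callers only receive an
 * identification-level token. */
HANDLE GetLaunchToken(HANDLE hLogonToken)
{
    TOKEN_ELEVATION_TYPE type;
    TOKEN_LINKED_TOKEN linked = { NULL };
    HANDLE hSource = hLogonToken, hPrimary = NULL;
    DWORD cb = 0;

    if (!GetTokenInformation(hLogonToken, TokenElevationType,
                             &type, sizeof type, &cb))
        return NULL;

    switch (choose_token_action((int)type)) {
    case USE_LINKED_TOKEN:
        if (!GetTokenInformation(hLogonToken, TokenLinkedToken,
                                 &linked, sizeof linked, &cb))
            return NULL;
        hSource = linked.LinkedToken;
        break;
    case USE_TOKEN_AS_IS:
        break;
    default:
        return NULL;
    }

    if (!DuplicateTokenEx(hSource, MAXIMUM_ALLOWED, NULL,
                          SecurityImpersonation, TokenPrimary, &hPrimary))
        hPrimary = NULL;
    if (linked.LinkedToken)
        CloseHandle(linked.LinkedToken);
    return hPrimary;
}
#endif
```

A TokenElevationTypeDefault result for a standard user means the launched process will not be elevated at all, so a service that requires administrator rights should also verify group membership before launching.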
