I have a PB app that gets called from a printer service account, as a [LOCAL SERVICE] user account. It is supposed to launch a program, say gsview.exe under the useraccount who gave the print job. The printer service sends only TWO PARAMETERS (username and session_id) and NO PASSWORD =( I am stuck now, not knowing how to use CreateProcessAsUser() just with these two parameters. The redmon documentation says it is possible to launch using CreateProcessAsUser() with just these two parameters sent by the printer service.
So, How do I obtain hToken from only [Username] and [SessionID] so I can pass it to CreateProcessAsUser() to successfully launch the second app (gsview.exe) to run under that account.
Original question at:
http://stackoverflow.com/questions/2907 ... -sessionid
Note:
1) The program is run by the printer service as [LOCAL SERVICE] account.
2) The first parameter Username (REDMON_USER), in effect, points to the user currently looking at the screen
Q: CreateProcessAsUser from just Username & SessionID? *:-S
-
scriptmaster
- User
- Posts: 15
- Joined: Fri Mar 13, 2009 3:13 pm
- Location: Chennai, India
Re: Q: CreateProcessAsUser from just Username & SessionID? *
I don't know if this will help or not, and I don't know if it will even work as I don't remember if I even used it. Its a scrap left over from a past project I was experimenting with doing something similar (kinda but not exactly) and I scrapped the whole thing so I can't even give it to you in context, but it was suppose to launch a process without needing Username, SessionID, or password in a safe manner in just the situation you outlined. It might help you in structuring the CreateProcessAsUser() for your purpose;
ProcessName$ = App .exe name
For dwCreationFlags.i see > http://msdn.microsoft.com/en-us/library ... S.85).aspx
Heck, I don't remember now if I actually used it or even fully tested it. It was just one of those things you develop along the way to a solution that might not ever get into the final poduct. If it does not help, I apologize for getting you off track.
Or....maybe something from these will help or give you some ideas:
http://www.purebasic.fr/english/viewtop ... cessAsUser
http://www.purebasic.fr/english/viewtop ... cessAsUser
Code: Select all
#SAFER_LEVELID_NORMALUSER = $20000
#SAFER_SCOPEID_USER = 2
#SAFER_LEVEL_OPEN = 1
Procedure LaunchProcessSaferUser(ProcessName$)
startinfo.STARTUPINFO
procinfo.PROCESS_INFORMATION
Lib_GetSafe = LoadLibrary_("advapi32.dll")
*Func_SaferCreateLevel = GetProcAddress_(Lib_GetSafe, "SaferCreateLevel")
*Func_SaferComputeTokenFromLevel = GetProcAddress_(Lib_GetSafe, "SaferComputeTokenFromLevel")
*Func_CreateProcessAsUser = GetProcAddress_(Lib_GetSafe, "CreateProcessAsUser")
hSaferCreateLevel.i = CallFunctionFast(*Func_SaferCreateLevel, #SAFER_SCOPEID_USER, #SAFER_LEVELID_NORMALUSER, #SAFER_LEVEL_OPEN, #Null, #Null)
hToken = CallFunctionFast(*Func_SaferComputeTokenFromLevel, hSaferCreateLevel, #Null, #Null, #Null, #Null)
CallFunctionFast(*Func_CreateProcessAsUser , hToken, #Null, ProcessName$, "", "", #Null, dwCreationFlags.i, 0, 0, @startinfo, @procinfo)
FreeLibrary_(Lib_GetSafe)
EndProcedure
For dwCreationFlags.i see > http://msdn.microsoft.com/en-us/library ... S.85).aspx
Heck, I don't remember now if I actually used it or even fully tested it. It was just one of those things you develop along the way to a solution that might not ever get into the final poduct. If it does not help, I apologize for getting you off track.
Or....maybe something from these will help or give you some ideas:
http://www.purebasic.fr/english/viewtop ... cessAsUser
http://www.purebasic.fr/english/viewtop ... cessAsUser
The advantage of a 64 bit operating system over a 32 bit operating system comes down to only being twice the headache.