Solved

CreateProcess from service

Posted on 2002-03-18
13
1,752 Views
Last Modified: 2013-11-20
Hello,
I am using CreateProcess function from within Windows Service and want to launch Internet Explorer. But whenever I launch it then I get a dialog box (when first time Internet Explorer is run on system then we get a dialog box to enter IE settings, same dialog box appear in this case). I don't want this dialog boz to appear. Same code works fins in Dialog Based application. I don't know what are the rights problem with Windows Services. Please help me.
0
Comment
Question by:haider
  • 7
  • 6
13 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 6877039
>>I don't know what are the rights problem with Windows
>>Services

http://www.microsoft.com/msj/defaultframe.asp?page=/msj/0398/service2.htm&nav=/msj/0398/newnav.htm

("Why Do Certain Win32 Technologies Misbehave in Windows NT Services?")

You get the dialog box because the service runs under a different user account. "Impersonate" the user that is logged on to avoid that.

0
 

Author Comment

by:haider
ID: 6877117
But how to do that. Please give me some clue.
0
 
LVL 86

Expert Comment

by:jkr
ID: 6877168
Well, what you need to do is

LogonUser();
ImpersonateLoggedOnUser();

// do stuff

RevertToSelf();

E.g.:

   HANDLE          hToken  =   NULL;

   if  (   !LogonUser  (   ( char*) pszUsername,
                           NULL,
                           ( char*) pszPwd,
                           LOGON32_LOGON_INTERACTIVE,
                           LOGON32_PROVIDER_DEFAULT,
                           &hToken
                       )
       )
       {
           return  (   GetLastError    ());
       }

   if  (   !ImpersonateLoggedOnUser    (   hToken)
       )
       {
           return  (   GetLastError    ());
       }

You alternatively could obtain a token from a process the user is running (explorer.exe is a good choice <s>). You'll nedd the PID to call 'OpenProcess()', then 'OpenProcessToken()' with 'TOKEN_IMPERSONATE' access. See http://support.microsoft.com/default.aspx?scid=kb;EN-US;q175030 ("HOWTO: Enumerate Applications Using Win32 APIs (Q175030)") on how to get that PID - it comes with sample code.
0
 

Author Comment

by:haider
ID: 6877311
LogonUser(); function returs ERROR_PRIVILEGE_NOT_HELD error???
0
 
LVL 86

Expert Comment

by:jkr
ID: 6877374
You have to assign the "SE_TCB_NAME" privilege to the account the service is running under (this is mentioned in the docs, BTW)
0
 

Author Comment

by:haider
ID: 6877455
I tried to "AdjustTokenPrivileges" use function, but I m getting error. How can I set "SE_TCB_NAME" privilege to service???
0
Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

 
LVL 86

Expert Comment

by:jkr
ID: 6877467
The easiest way is to open the user manager and do it from there.
0
 

Author Comment

by:haider
ID: 6877682
Can u please explain it clearly. I want to do all these things programatically. Please ....
0
 
LVL 86

Expert Comment

by:jkr
ID: 6877754
Have you tried what I mentioned about getting the user token from a user process? You cannot hardcode every user's password anyway, and setting privileges from within code isn't trivial at all...
0
 

Author Comment

by:haider
ID: 6877772
But if I get user token from a user process, then will this token have privileges that I require???
0
 
LVL 86

Accepted Solution

by:
jkr earned 300 total points
ID: 6877800
'Tokens' don't have privileges - once you have a security token, you can impersonate the owner of that token, calling 'ImpersonateLoggedOnUser()' does not require any special privilege...
0
 
LVL 86

Expert Comment

by:jkr
ID: 6886231
Well, anything new?
0
 

Author Comment

by:haider
ID: 6887889
Thats really gr8 and it works. I use "OpenProcess" for "explorer.exe" and then I use "ImpersonateLoggedOnUser".

Thanx!
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
has22 challenge 11 80
MaxSpan challenge 9 80
how to split multiple lines delimiter : 8 79
"Black Box" Testing of Control System Software 2 25
Introduction: Dynamic window placements and drawing on a form, simple usage of windows registry as a storage place for information. Continuing from the first article about sudoku.  There we have designed the application and put a lot of user int…
Introduction: Finishing the grid – keyboard support for arrow keys to manoeuvre, entering the numbers.  The PreTranslateMessage function is to be used to intercept and respond to keyboard events. Continuing from the fourth article about sudoku. …
This video will show you how to get GIT to work in Eclipse.   It will walk you through how to install the EGit plugin in eclipse and how to checkout an existing repository.
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now