PeterLarsen
asked on
WinLogon, Impersonate and CreateProcess (CreateProcessAsUser)
Hi Experts,
This is a question about WinLogon and how to start a new process within the users context.
The dll are registered in the Registry under the following key :
[HKEY_LOCAL_MACHINE\SOFTWA RE\Microso ft\Windows NT\CurrentVersion\Winlogon \Notify\.. ..], Asynchronous=0, Impersonate=1.
I would like to start a program when the user login.
I dont have any problems about receiving the 'Logon' notification and create a new process.
The problem is that the new process is created in the same security context as the dll - which means that the program dont terminates on logout.
I guess that the dll runs in the same context as Services does, not sure.
Impersonate (from microsoft.com) :
>>Indicates whether Winlogon should impersonate the security context of the logged-on user when it calls the notification package functions. If this value is set to 1, Winlogon uses impersonation. Otherwise, it does not.
If WinLogon impersonate it should be possible to use CreateProcess. But it doesn't seem to work - the process is not created in the users context.
I guess that i just got something wrong here - any ideas ??
Kind Regards
Peter
This is a question about WinLogon and how to start a new process within the users context.
The dll are registered in the Registry under the following key :
[HKEY_LOCAL_MACHINE\SOFTWA
I would like to start a program when the user login.
I dont have any problems about receiving the 'Logon' notification and create a new process.
The problem is that the new process is created in the same security context as the dll - which means that the program dont terminates on logout.
I guess that the dll runs in the same context as Services does, not sure.
Impersonate (from microsoft.com) :
>>Indicates whether Winlogon should impersonate the security context of the logged-on user when it calls the notification package functions. If this value is set to 1, Winlogon uses impersonation. Otherwise, it does not.
If WinLogon impersonate it should be possible to use CreateProcess. But it doesn't seem to work - the process is not created in the users context.
I guess that i just got something wrong here - any ideas ??
Kind Regards
Peter
Check out http://www.microsoft.com/msj/0599/security/security0599.aspx - it comes with sample code on how to do that.
ASKER
Hi jkr,
I already have several links about this issue.
What i need help to, is to understand e.g. what the impersonation in WinLogon actually does - or how i load (if necessarily) users environment before calling CreateProcessAsUser.
I already have several links about this issue.
What i need help to, is to understand e.g. what the impersonation in WinLogon actually does - or how i load (if necessarily) users environment before calling CreateProcessAsUser.
>> or how i load (if necessarily) users environment before calling CreateProcessAsUser
The above article describes that :o)
The above article describes that :o)
ASKER
nah, you are talking about cmdasuser i guess - not usefull here since i'm using Winlogon in this case.
Yes, but it also illustrates how to initialize the environment.
ASKER
I need help to understand this - no more whitepapers please !!
You shouldn't read the article, but the code at http://download.microsoft.com/download/0/6/7/0678184e-905e-4783-9511-d4dca1f492b4/cmdasuser.exe :o)
ASKER
But does the samples interact with WinLogon ??
I'd say the code given in the download link answers the question.
ASKER
No it doesn't - i still don't know how Impersonation interact with Winlogon.
ASKER
Thank you.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.