Solved

WinLogon, Impersonate and CreateProcess (CreateProcessAsUser)

Posted on 2003-11-08
14
1,649 Views
Last Modified: 2013-12-03
Hi Experts,

This is a question about WinLogon and how to start a new process within the users context.

The dll are registered in the Registry under the following key :
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\....], Asynchronous=0, Impersonate=1.

I would like to start a program when the user login.
I dont have any problems about receiving the 'Logon' notification and create a new process.
The problem is that the new process is created in the same security context as the dll - which means that the program dont terminates on logout.
I guess that the dll runs in the same context as Services does, not sure.

Impersonate (from microsoft.com) :
>>Indicates whether Winlogon should impersonate the security context  of the logged-on user when it calls the notification package functions. If this value is set to 1, Winlogon uses impersonation. Otherwise, it does not.

If WinLogon impersonate it should be possible to use CreateProcess. But it doesn't seem to work - the process is not created in the users context.

I guess that i just got something wrong here - any ideas ??

Kind Regards
Peter
0
Comment
Question by:PeterLarsen
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
14 Comments
 
LVL 86

Expert Comment

by:jkr
ID: 9707762
Check out http://www.microsoft.com/msj/0599/security/security0599.aspx - it comes with sample code on how to do that.
0
 
LVL 2

Author Comment

by:PeterLarsen
ID: 9725929
Hi jkr,

I already have several links about this issue.
What i need help to, is to understand e.g. what the impersonation in WinLogon actually does - or how i load (if necessarily) users environment before calling CreateProcessAsUser.
0
 
LVL 86

Expert Comment

by:jkr
ID: 9726072
>> or how i load (if necessarily) users environment before calling CreateProcessAsUser

The above article describes that :o)
0
Salesforce Has Never Been Easier

Improve and reinforce salesforce training & adoption using WalkMe's digital adoption platform. Start saving on costly employee training by creating fast intuitive Walk-Thrus for Salesforce. Claim your Free Account Now

 
LVL 2

Author Comment

by:PeterLarsen
ID: 9726403
nah, you are talking about cmdasuser i guess - not usefull here since i'm using Winlogon in this case.
0
 
LVL 86

Expert Comment

by:jkr
ID: 9736849
Yes, but it also illustrates how to initialize the environment.
0
 
LVL 2

Author Comment

by:PeterLarsen
ID: 9741791
I need help to understand this - no more whitepapers please !!
0
 
LVL 86

Expert Comment

by:jkr
ID: 9742153
0
 
LVL 2

Author Comment

by:PeterLarsen
ID: 9742508
But does the samples interact with WinLogon ??
0
 
LVL 86

Expert Comment

by:jkr
ID: 10801425
I'd say the code given in the download link answers the question.
0
 
LVL 2

Author Comment

by:PeterLarsen
ID: 10805624
No it doesn't - i still don't know how Impersonation interact with Winlogon.
0
 
LVL 2

Author Comment

by:PeterLarsen
ID: 10840443
Thank you.
0
 

Accepted Solution

by:
CetusMOD earned 0 total points
ID: 10870064
PAQed, with points refunded (300)

CetusMOD
Community Support Moderator
0

Featured Post

[Webinar] How Hackers Steal Your Credentials

Do You Know How Hackers Steal Your Credentials? Join us and Skyport Systems to learn how hackers steal your credentials and why Active Directory must be secure to stop them. Thursday, July 13, 2017 10:00 A.M. PDT

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

What my article will show is if you ever had to do processing to a listbox without being able to just select all the items in it. My software Visual Studio 2008 crystal report v11 My issue was I wanted to add crystal report to a form and show…
Entering time in Microsoft Access can be difficult. An input mask often bothers users more than helping them and won't catch all typing errors. This article shows how to create a textbox for 24-hour time input with full validation politely catching …
This is Part 3 in a 3-part series on Experts Exchange to discuss error handling in VBA code written for Excel. Part 1 of this series discussed basic error handling code using VBA. http://www.experts-exchange.com/videos/1478/Excel-Error-Handlin…
In this video, viewers will be given step by step instructions on adjusting mouse, pointer and cursor visibility in Microsoft Windows 10. The video seeks to educate those who are struggling with the new Windows 10 Graphical User Interface. Change Cu…

691 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question