CreateProcess for Currently Logged On User from Service running System Account?

Posted on 2004-03-24
Last Modified: 2012-12-12
The problem I am having is this:

There is a service that runs using the Local System Account, it needs to run in this context to prevent users from closing it.  This service monitors an application that MUST always remain open, this application has to run as the currently logged on user.  When I use CreateProcess from within the service to restart the application if it has been terminated by the user, CreateProcess runs the application within the Local System Account, this creates a problem since the application must run in the users account for reasons I wont go into here.


How do I use CreateProcess to launch an instance of specified application from the Currently Logged On users account.  I do not want to enter username and password information by using LogOnUser because the currently logged on user is already authenticated I should not have to do this, also this is not an option since the user does not interact with this program.  I believe what I will need to use is ImpersonateLoggedOnUser, and obtaining the current users process handle by using OpenProcessToken but after messing with this for nearly 2 weeks now I cannot figure out how to get this to work...  Any help would be appreciated!!
Question by:Magadass
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
LVL 86

Accepted Solution

jkr earned 500 total points
ID: 10668990
>>I believe what I will need to use is ImpersonateLoggedOnUser, and obtaining the
>>current users process handle by using OpenProcessToken

Indeed. E.g. like using

   HANDLE hToken = NULL;                
   HANDLE hProcess = NULL;

   DWORD processID = GetExplorerProcessID();
   if( processID)
    hProcess =
          processID );

    if( hProcess)
        if( OpenProcessToken(
              TOKEN_EXECUTE |
             TOKEN_READ |
             TOKEN_QUERY |
             TOKEN_QUERY_SOURCE |
             TOKEN_WRITE |
         ImpersonateLoggedOnUser( hToken);
          CloseHandle( hToken );
        CloseHandle( hProcess );

Then, call 'CreateProcess()' to launch any application in the context of the logged on user and call 'RevertToSelf()'

BTW, 'GetExplorerProcessID();' can be implemented using ("HOWTO: Enumerate Applications Using Win32 APIs")
LVL 86

Expert Comment

ID: 10669196

Author Comment

ID: 10669652
Is this sufficient jkr?

DWORD GetExplorerProcessID()
      HANDLE hSnapshot;
      PROCESSENTRY32 pe32;
      DWORD temp;

    hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,NULL);
      pe32.dwSize = sizeof(PROCESSENTRY32);

                        temp = pe32.th32ProcessID;

return temp;
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!


Author Comment

ID: 10669761
Wow that worked great man...  Very awesome, thanks for your help you are da man!!!

Author Comment

ID: 10669762
Wow that worked great man...  Very awesome, thanks for your help you are da man!!!
LVL 86

Expert Comment

ID: 10669800
You're welcome :o)

Sorry for the delay, but my notifs don't seem to be working...

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In days of old, returning something by value from a function in C++ was necessarily avoided because it would, invariably, involve one or even two copies of the object being created and potentially costly calls to a copy-constructor and destructor. A…
  Included as part of the C++ Standard Template Library (STL) is a collection of generic containers. Each of these containers serves a different purpose and has different pros and cons. It is often difficult to decide which container to use and …
The goal of the video will be to teach the user the difference and consequence of passing data by value vs passing data by reference in C++. An example of passing data by value as well as an example of passing data by reference will be be given. Bot…
The viewer will learn additional member functions of the vector class. Specifically, the capacity and swap member functions will be introduced.

734 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question