We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Question for JKR, ImpersonateInteractiveUser() does not work after SP4...

Magadass
Magadass asked
on
Medium Priority
720 Views
Last Modified: 2008-02-01
JKR or to whom anyone who has an answer,

About 1 week ago I posted a question asking how to impersonate the interactive user so I could launch a process that wrote to the users desktop.  Well during testing I was getting some inconsistent results, after an extremely long amount of testing I figured out it was Windows 2000 SP4 breaks it, most likely its something microsoft has tightened down on to make the system more secure, I believe my weakness relies in how I am obtaining the Process ID of the interactive user, however I have not done enough testing to verify this.  The below code is the ENTIRE snippet I am using to Impersonate the interactive user.  Do you have any information regarding any new methods of doing this after SP4?

NOTE: Works fine in WindowsXP with all SP/Patches...

DWORD ImpersonateInteractiveUser()  //Impersonates the logged in user to create an instance in the users context...
{
      HANDLE hToken = NULL;                
      HANDLE hProcess = NULL;

      DWORD processID = GetExplorerProcessID();
      if( processID)
      {
            hProcess =
                  OpenProcess(  
                  PROCESS_ALL_ACCESS,
                  TRUE,
                  processID );

            if( hProcess)
            {
                  if( OpenProcessToken(
                        hProcess,
                        TOKEN_EXECUTE |
                        TOKEN_READ |
                        TOKEN_QUERY |
                        TOKEN_ASSIGN_PRIMARY |
                        TOKEN_QUERY_SOURCE |
                        TOKEN_WRITE |
                        TOKEN_DUPLICATE,
                        &hToken))
                  {
                        ImpersonateLoggedOnUser( hToken);
                        CloseHandle( hToken );
                  }
                  CloseHandle( hProcess );
            }
      }
      return processID;
}

DWORD GetExplorerProcessID()  //Needed to impersonate the logged in user...
{
      HANDLE hSnapshot;
      PROCESSENTRY32 pe32;
      ZeroMemory(&pe32,sizeof(pe32));
      DWORD temp = NULL;

      try
      {
            hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS,NULL);

            pe32.dwSize = sizeof(PROCESSENTRY32);

            if(Process32First(hSnapshot,&pe32))
            {
                  do
                  {
                        if(!strcmp(pe32.szExeFile,"explorer.exe"))
                        {
                              temp = pe32.th32ProcessID;
                              break;
                        }

                  }while(Process32Next(hSnapshot,&pe32));
            }
      }
      catch(...)
      {
            StopService();
      }
      return temp;
}
Comment
Watch Question

Author

Commented:
I believe I answered my own question:

http://support.microsoft.com/default.aspx?kbid=821546

But have yet to get this to make it work, but it does appear there are changes...

Author

Commented:
OK I cannot get these changes to make this work, perhaps this is only part of the solution maybe something has to be changed in the code as well?
jkr
CERTIFIED EXPERT
Top Expert 2012

Commented:
The article lists only a new privilege - have you tried to grant that to the account your application is running under?

Author

Commented:
Yes it does not fix it...  I have tested the code also, everything is returning successful... Have no idea why its not working....According to the article it should work if I change the policy...

Author

Commented:
JKR have you been able to duplicate this?  This is a serious issue for me and all of the microsoft documentation I find says that changing this policy should correct the proble.  However it does not!!  
jkr
CERTIFIED EXPERT
Top Expert 2012

Commented:
>>JKR have you been able to duplicate this?

Just me and a laptop with XP here at the moment, sorry :o)

Author

Commented:
Microsoft VirtualPC is your friend :)

Author

Commented:
I have opened a ticker with microsoft premier support, I will post the resolution as soon as I get one...
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION
jkr
CERTIFIED EXPERT
Top Expert 2012

Commented:
>>JKR please take notice to the gotchas at the bottom

Thank you *very* much for sharing this insight!
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.