Question for JKR, ImpersonateInteractiveUser() does not work after SP4...

Magadass asked on
JKR, or anyone who has an answer,

About 1 week ago I posted a question asking how to impersonate the interactive user so I could launch a process that wrote to the user's desktop. Well, during testing I was getting some inconsistent results, and after an extremely long amount of testing I figured out that Windows 2000 SP4 breaks it. Most likely it's something Microsoft has tightened down on to make the system more secure. I believe my weakness lies in how I am obtaining the process ID of the interactive user; however, I have not done enough testing to verify this. The code below is the ENTIRE snippet I am using to impersonate the interactive user. Do you have any information regarding any new methods of doing this after SP4?

NOTE: Works fine in WindowsXP with all SP/Patches...

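#include <windows.h>
#include <tlhelp32.h>

DWORD GetExplorerProcessID(void);  //Defined below

DWORD ImpersonateInteractiveUser()  //Impersonates the logged in user to create an instance in the users context...
{
      HANDLE hToken = NULL;
      HANDLE hProcess = NULL;

      DWORD processID = GetExplorerProcessID();
      if( processID)
      {
            // The first arguments of this call were lost from the post;
            // PROCESS_QUERY_INFORMATION is the right OpenProcessToken() needs.
            hProcess = OpenProcess(
                  PROCESS_QUERY_INFORMATION,
                  FALSE,
                  processID );

            if( hProcess)
            {
                  if( OpenProcessToken(
                        hProcess,
                        TOKEN_EXECUTE |
                        TOKEN_READ |
                        TOKEN_QUERY |
                        TOKEN_ASSIGN_PRIMARY |
                        TOKEN_QUERY_SOURCE |
                        TOKEN_WRITE |
                        // The end of the mask was lost from the post. TOKEN_DUPLICATE
                        // (with TOKEN_QUERY) is what ImpersonateLoggedOnUser() requires
                        // for a primary token.
                        TOKEN_DUPLICATE,
                        &hToken))
                  {
                        ImpersonateLoggedOnUser( hToken);
                        CloseHandle( hToken );
                  }
                  CloseHandle( hProcess );
            }
      }
      return processID;  // 0 if no explorer.exe process was found
}

DWORD GetExplorerProcessID()  //Needed to impersonate the logged in user...
{
      HANDLE hSnapshot;
      PROCESSENTRY32 pe32;
      DWORD temp = 0;

      hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
      if( hSnapshot == INVALID_HANDLE_VALUE)
            return 0;

      pe32.dwSize = sizeof(PROCESSENTRY32);

      // The enumeration loop was lost from the post; this walks the snapshot
      // and takes the first process whose image name is explorer.exe.
      if( Process32First( hSnapshot, &pe32))
      {
            do
            {
                  if( lstrcmpi( pe32.szExeFile, TEXT("explorer.exe")) == 0)
                  {
                        temp = pe32.th32ProcessID;
                        break;
                  }
            } while( Process32Next( hSnapshot, &pe32));
      }

      CloseHandle( hSnapshot );
      return temp;
}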