MauricioGaviria
asked on
WinXp SP2 problem with RunAs from Nt Service
Hi Experts,
I Found this code for launch an application with other user rigths:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Launch: TButton;
App: TEdit;
Usuario: TEdit;
Password: TEdit;
Parametro: TEdit;
procedure LaunchClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
function CreateProcessWithLogonW(
lpUserName: PWideChar;
lpDomain: PWideChar;
lpPassword: PWideChar;
dwLogonFlags: DWORD;
lpApplicationName: PWideChar;
lpCommandLine: PWideChar;
dwCreationFlags: DWORD;
lpEnvironment: Pointer;
lpCurrentDirectory: PChar;
const lpStartupInfo: TStartupInfo;
var lpProcessInformation: TProcessInformation
): BOOL; stdcall;
Function RunAs(Username, Password, Command,Parameter: String): integer;
var
Form1: TForm1;
implementation
{$R *.dfm}
function CreateProcessWithLogonW; external advapi32 name 'CreateProcessWithLogonW';
function PerformLogon(const User, Domain, Password: String): Cardinal;
begin
if NOT LogonUser(pChar(User), pChar(Domain), pChar(Password),
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
Result) then
RaiseLastWin32Error;
end;
Function RunAs(Username, Password, Command, Parameter: String): integer;
Var
si: TStartupInfo;
pi: TProcessInformation;
pUser, pPass, pDomain, pProgram,pParameter: array [0..255] of WChar;
LastError: DWORD;
ResultString: String;
Begin
ZeroMemory(@si, SizeOf(si));
si.cb:=SizeOf(si);
ZeroMemory(@pi, SizeOf(pi));
StringToWideChar(UserName,
StringToWideChar(PassWord,
StringToWideChar('', pDomain, 255);
StringToWideChar(Command, pProgram, 255);
StringToWideChar(Command+'
CreateProcessWithLogonW(
pUser,
pDomain,
pPass,
1, //LOGON_WITH_PROFILE,
nil,
pParameter,
CREATE_DEFAULT_ERROR_MODE or CREATE_NEW_CONSOLE or
CREATE_NEW_PROCESS_GROUP or CREATE_SEPARATE_WOW_VDM,
nil,
nil,
si,
pi
);
LastError:=GetLastError;
Case LastError of
0: ResultString:='Success!';
86: ResultString:='Wrong password';
1326: ResultString:='Wrong username or password';
1327: ResultString:='Logon failure?user account restriction';
13850: ResultString:='Logon failure?the user has not been granted the requested logon type at this computer.';
2: ResultString:='File not found';
5: ResultString:='Access denied';
else
ResultString:='Error '+IntToStr(LastError);
end;
ShowMessage(ResultString);
Result:=LastError;
End;
procedure TForm1.LaunchClick(Sender:
begin
RunAs(Usuario.Text,Passwor
end;
end.
Ok, this function "RunAs" works fine on win2k,XP sp1 from application or calling from Nt Service, but my problem is that this function works in XP SP2 from an application but from Nt Service this doesn't works any more, the result error is "Access denied" and I need call this function from Nt Service in XP SP2 :( .
Please helpme how to use this function On this OS.
thanks in advance.
I Found this code for launch an application with other user rigths:
unit Unit1;
interface
uses
Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
Dialogs, StdCtrls;
type
TForm1 = class(TForm)
Launch: TButton;
App: TEdit;
Usuario: TEdit;
Password: TEdit;
Parametro: TEdit;
procedure LaunchClick(Sender: TObject);
private
{ Private declarations }
public
{ Public declarations }
end;
function CreateProcessWithLogonW(
lpUserName: PWideChar;
lpDomain: PWideChar;
lpPassword: PWideChar;
dwLogonFlags: DWORD;
lpApplicationName: PWideChar;
lpCommandLine: PWideChar;
dwCreationFlags: DWORD;
lpEnvironment: Pointer;
lpCurrentDirectory: PChar;
const lpStartupInfo: TStartupInfo;
var lpProcessInformation: TProcessInformation
): BOOL; stdcall;
Function RunAs(Username, Password, Command,Parameter: String): integer;
var
Form1: TForm1;
implementation
{$R *.dfm}
function CreateProcessWithLogonW; external advapi32 name 'CreateProcessWithLogonW';
function PerformLogon(const User, Domain, Password: String): Cardinal;
begin
if NOT LogonUser(pChar(User), pChar(Domain), pChar(Password),
LOGON32_LOGON_NETWORK,
LOGON32_PROVIDER_DEFAULT,
Result) then
RaiseLastWin32Error;
end;
Function RunAs(Username, Password, Command, Parameter: String): integer;
Var
si: TStartupInfo;
pi: TProcessInformation;
pUser, pPass, pDomain, pProgram,pParameter: array [0..255] of WChar;
LastError: DWORD;
ResultString: String;
Begin
ZeroMemory(@si, SizeOf(si));
si.cb:=SizeOf(si);
ZeroMemory(@pi, SizeOf(pi));
StringToWideChar(UserName,
StringToWideChar(PassWord,
StringToWideChar('', pDomain, 255);
StringToWideChar(Command, pProgram, 255);
StringToWideChar(Command+'
CreateProcessWithLogonW(
pUser,
pDomain,
pPass,
1, //LOGON_WITH_PROFILE,
nil,
pParameter,
CREATE_DEFAULT_ERROR_MODE or CREATE_NEW_CONSOLE or
CREATE_NEW_PROCESS_GROUP or CREATE_SEPARATE_WOW_VDM,
nil,
nil,
si,
pi
);
LastError:=GetLastError;
Case LastError of
0: ResultString:='Success!';
86: ResultString:='Wrong password';
1326: ResultString:='Wrong username or password';
1327: ResultString:='Logon failure?user account restriction';
13850: ResultString:='Logon failure?the user has not been granted the requested logon type at this computer.';
2: ResultString:='File not found';
5: ResultString:='Access denied';
else
ResultString:='Error '+IntToStr(LastError);
end;
ShowMessage(ResultString);
Result:=LastError;
End;
procedure TForm1.LaunchClick(Sender:
begin
RunAs(Usuario.Text,Passwor
end;
end.
Ok, this function "RunAs" works fine on win2k,XP sp1 from application or calling from Nt Service, but my problem is that this function works in XP SP2 from an application but from Nt Service this doesn't works any more, the result error is "Access denied" and I need call this function from Nt Service in XP SP2 :( .
Please helpme how to use this function On this OS.
thanks in advance.
Without any feedback it's difficult to say anything. Usually if something works as a normal app but fails as a service then the problem is in the account that service is logging in. Changing it to an account with the correct permissions solves the issue.
Regards, Geo
Regards, Geo
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
This sounds like SP2 has changed some default settings in local security policy (perhaps in User Right Assignment) compared to the previous versions. There are such differences between 2000 and XP(SP1) for sure. I hope that you're using the same service settings (account) in all environments.
Try changing the account your service is logging in to your own account and see if it will work.
Regards, Geo