WinXp SP2 problem with RunAs from Nt Service

Hi Experts,

I Found this code for launch  an application with other user rigths:

unit Unit1;

interface

uses
  Windows, Messages, SysUtils, Variants, Classes, Graphics, Controls, Forms,
  Dialogs, StdCtrls;

type
  TForm1 = class(TForm)
    Launch: TButton;
    App: TEdit;
    Usuario: TEdit;
    Password: TEdit;
    Parametro: TEdit;
    procedure LaunchClick(Sender: TObject);
  private
    { Private declarations }
  public
    { Public declarations }
  end;


function CreateProcessWithLogonW(

  lpUserName: PWideChar;
  lpDomain: PWideChar;
  lpPassword: PWideChar;
  dwLogonFlags: DWORD;
  lpApplicationName: PWideChar;
  lpCommandLine: PWideChar;
  dwCreationFlags: DWORD;
  lpEnvironment: Pointer;
  lpCurrentDirectory: PChar;
  const lpStartupInfo: TStartupInfo;
  var lpProcessInformation: TProcessInformation
  ): BOOL; stdcall;

Function RunAs(Username, Password, Command,Parameter: String): integer;




var
  Form1: TForm1;

implementation

{$R *.dfm}

function CreateProcessWithLogonW; external advapi32 name 'CreateProcessWithLogonW';


function PerformLogon(const User, Domain, Password: String): Cardinal;
begin
      if NOT LogonUser(pChar(User), pChar(Domain), pChar(Password),
             LOGON32_LOGON_NETWORK,
             LOGON32_PROVIDER_DEFAULT,
             Result) then
      RaiseLastWin32Error;
end;



Function RunAs(Username, Password, Command, Parameter: String): integer;
Var
  si: TStartupInfo;
  pi: TProcessInformation;
  pUser, pPass, pDomain, pProgram,pParameter: array [0..255] of WChar;
  LastError: DWORD;
  ResultString: String;
Begin
  ZeroMemory(@si, SizeOf(si));
  si.cb:=SizeOf(si);
  ZeroMemory(@pi, SizeOf(pi));

  StringToWideChar(UserName, pUser, 255);
  StringToWideChar(PassWord, pPass, 255);
  StringToWideChar('', pDomain, 255);
  StringToWideChar(Command, pProgram, 255);
  StringToWideChar(Command+' '+Parameter, pParameter, 255);

  CreateProcessWithLogonW(
    pUser,
    pDomain,
    pPass,
    1, //LOGON_WITH_PROFILE,
    nil,
    pParameter,
    CREATE_DEFAULT_ERROR_MODE or CREATE_NEW_CONSOLE or
    CREATE_NEW_PROCESS_GROUP  or CREATE_SEPARATE_WOW_VDM,
    nil,
    nil,
    si,
    pi
   );
  LastError:=GetLastError;
 Case LastError of
   0:    ResultString:='Success!';
   86:   ResultString:='Wrong password';
   1326: ResultString:='Wrong username or password';
   1327: ResultString:='Logon failure?user account restriction';
   13850: ResultString:='Logon failure?the user has not been granted the requested logon type at this computer.';
   2:    ResultString:='File not found';
   5:    ResultString:='Access denied';
 else
   ResultString:='Error '+IntToStr(LastError);
 end;
 ShowMessage(ResultString);
 Result:=LastError;
End;



procedure TForm1.LaunchClick(Sender: TObject);
begin
    RunAs(Usuario.Text,Password.Text,App.Text,Parametro.Text);
end;

end.



Ok, this function "RunAs"  works fine on win2k,XP sp1 from application or calling from Nt Service, but my problem is that this function works in XP SP2 from an application but from Nt Service this doesn't works any more, the result error is "Access denied" and I need call this function from Nt Service in XP SP2 :( .


Please helpme how to use this function On this OS.

thanks in advance.
MauricioGaviriaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

geobulCommented:
Hi,

This sounds like SP2 has changed some default settings in local security policy (perhaps in User Right Assignment) compared to the previous versions. There are such differences between 2000 and XP(SP1) for sure. I hope that you're using the same service settings (account) in all environments.

Try changing the account your service is logging in to your own account and see if it will work.

Regards, Geo
0
geobulCommented:
Without any feedback it's difficult to say anything. Usually if something works as a normal app but fails as a service then the problem is in the account that service is logging in. Changing it to an account with the correct permissions solves the issue.

Regards, Geo
0
moduloCommented:
PAQed with no points refunded (of 500)

modulo
Community Support Moderator
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Delphi

From novice to tech pro — start learning today.