Iys
asked on
Run a process as admin from a system account in Windows
Hello experts,
I'm running a process under the system account, and I want it to run another process as another user (of course, supplying the username and password).
I'm using the CreateProcessWithLogonW API function, which works fine when my process runs with any account, but NOT under system account... When running on system account, GetLastErr returns 5 (ACCESS_IS_DENIED).
I've tried altering the dwLogonFlags parameter, but in both flags (LOGON_WITH_PROFILE and LOGON_NETCREDENTIALS_ONLY) it behaves the same...
I'm running a process under the system account, and I want it to run another process as another user (of course, supplying the username and password).
I'm using the CreateProcessWithLogonW API function, which works fine when my process runs with any account, but NOT under system account... When running on system account, GetLastErr returns 5 (ACCESS_IS_DENIED).
I've tried altering the dwLogonFlags parameter, but in both flags (LOGON_WITH_PROFILE and LOGON_NETCREDENTIALS_ONLY)
ASKER
OK... not very successful:
The LogonUser func failed with the LOGON32_LOGON_BATCH logon type (as well as LOGON32_LOGON_SERVICE), and all other logon types makes the CreateProcessAsUser function fail.
The LOGON32_LOGON_NEW_CREDENTI ALS logon type is the only logon type not failing the child process creation, but the child process runs under SYSTEM account again!...
The LogonUser func failed with the LOGON32_LOGON_BATCH logon type (as well as LOGON32_LOGON_SERVICE), and all other logon types makes the CreateProcessAsUser function fail.
The LOGON32_LOGON_NEW_CREDENTI
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
https://www.experts-exchange.com/questions/20687952/Service-and-CreateProcessAsUser.html?sfQueryTermInfo=1+createprocessasus