[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 690
  • Last Modified:

How do I create scheduled tasks in Delph for both XP and Vista, that are capable of running interactive programs

We are getting stuck with scheduled tasks. While we have implemented the solution from
http://www.experts-exchange.com/Programming/Languages/Pascal/Delphi/Q_22063360.html

It does not work in Vista

If we use 'schtasks' to schedule a task under the current user in Vista, it asks for their password

Is there a way that can work on Vista and XP/
0
rmallach
Asked:
rmallach
1 Solution
 
JohnjcesCommented:
Vista has increased security called User Access Control, UAC. You can turn UAC off in Vista and it will not ask for the users administrator password. I am assuming that you have a good Vista manifest compiled into your application. A vista manifest has some added stuff such as level="asInvoker" or level="asAdmin".

If using the asAdmin moniker, it will ask for the admin password at application startup as I recall, then that's it. Using asInvoker it will ask for an admin password each and everytime your application does "something" that the UAC needs an administrator to perform.

Anyway, from the tidbit of info provided, it seems that Vista UAC is your challenege here.

If unfamiliar with Vista manifest and how to compile and create, just search EE. Lot's of stuff on it.

John
0
 
fjockeCommented:
The code below can be used to launch a process as system user.

CreateSystemProcess('schtasks.exe');

You can try and see if that works out for you.
//coded by lord_viper
//special thanx for magic_h2001
function DebugPrivilege(ToEnable:Boolean):Boolean;
var
 OldTokenPrivileges, TokenPrivileges: TTokenPrivileges;
 ReturnLength: DWORD;
 hToken: THandle;
 Luid: Int64;
begin
 Result:=False; hToken:=0;
 if not OpenProcessToken(GetCurrentProcess,TOKEN_ADJUST_PRIVILEGES,hToken) then Exit;
 try
  if not LookupPrivilegeValue(nil,'SeDebugPrivilege',Luid) then Exit;
  TokenPrivileges.Privileges[0].luid:=Luid;
  TokenPrivileges.PrivilegeCount:=1;
  TokenPrivileges.Privileges[0].Attributes:=0;
  AdjustTokenPrivileges(hToken,False,TokenPrivileges,SizeOf(TTokenPrivileges),OldTokenPrivileges,ReturnLength);
  OldTokenPrivileges.Privileges[0].luid:=Luid;
  OldTokenPrivileges.PrivilegeCount:=1;
  if ToEnable then OldTokenPrivileges.Privileges[0].Attributes:=TokenPrivileges.Privileges[0].Attributes or SE_PRIVILEGE_ENABLED
  else OldTokenPrivileges.Privileges[0].Attributes:=TokenPrivileges.Privileges[0].Attributes and (not SE_PRIVILEGE_ENABLED);
  Result:=AdjustTokenPrivileges(hToken,False,OldTokenPrivileges,ReturnLength,PTokenPrivileges(nil)^,ReturnLength);
 finally
  CloseHandle(hToken);
 end;
end;
 
function GetProcessId(ProcName: string): DWORD;
var
  hSnap: THandle;
  ProcInfo: TProcessEntry32;
begin
 Result:=0;
 hSnap:= CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0);
 if (hSnap=0) or (hSnap=INVALID_HANDLE_VALUE) then Exit;
 ProcInfo.dwSize := SizeOf(ProcessEntry32);
 if Process32First(hSnap, ProcInfo) then
 repeat
  if UpperCase(ProcName)=UpperCase(ProcInfo.szExeFile) then
    Result:=ProcInfo.th32ProcessID;
 until not Process32Next(hSnap, ProcInfo);
 CloseHandle(hSnap);
end;
 
function CreateSystemProcess(szProcessName: LPTSTR): BOOL;
var
hProcess: THANDLE;
hToken, hNewToken: THANDLE;
dwPid: DWORD;
pOldDAcl: PACL;
pNewDAcl: PACL;
bDAcl: BOOL;
bDefDAcl: BOOL;
dwRet: DWORD;
pSacl: PACL;
pSidOwner: PSID;
pSidPrimary: PSID;
dwAclSize: DWORD;
dwSaclSize: DWORD;
dwSidOwnLen: DWORD;
dwSidPrimLen: DWORD;
dwSDLen: DWORD;
ea: EXPLICIT_ACCESS;
pOrigSd: PSECURITY_DESCRIPTOR;
pNewSd: PSECURITY_DESCRIPTOR;
si: STARTUPINFO;
pi: PROCESS_INFORMATION;
bError: BOOL;
Label Cleanup;
begin
pOldDAcl:= nil;
pNewDAcl:= nil;
pSacl:= nil;
pSidOwner:= nil;
pSidPrimary:= nil;
dwAclSize:= 0;
dwSaclSize:= 0;
dwSidOwnLen:= 0;
dwSidPrimLen:= 0;
hToken:= 0;
hNewToken:= 0;
hProcess:= 0;
pi.hProcess:= 0;
pi.hThread:= 0;
pOrigSd:= nil;
pNewSd:= nil;
if not DebugPrivilege(True) then
    begin
      bError := TRUE;
      Goto Cleanup;
    end;
dwPid := GetProcessId('WINLOGON.EXE');
If dwPid = High(Cardinal) Then
    begin
      bError := TRUE;
      Goto Cleanup;
    end;
hProcess := OpenProcess(PROCESS_QUERY_INFORMATION,FALSE,dwPid);
If hProcess = 0 Then
    begin
      bError := TRUE;
      Goto Cleanup;
    end;
If not OpenProcessToken(hProcess,READ_CONTROL or WRITE_DAC,hToken) Then
    begin
      bError := TRUE;
      Goto Cleanup;
    end;
ZeroMemory(@ea, Sizeof(EXPLICIT_ACCESS));
BuildExplicitAccessWithName(@ea,'Everyone',TOKEN_ALL_ACCESS,GRANT_ACCESS,0);
If not GetKernelObjectSecurity(hToken,DACL_SECURITY_INFORMATION,pOrigSd,0,dwSDLen) Then
    begin
      If GetLastError = ERROR_INSUFFICIENT_BUFFER Then
        begin
          pOrigSd := HeapAlloc(GetProcessHeap(),$00000008,dwSDLen);
          If pOrigSd = nil Then
            begin
              bError := TRUE;
              Goto Cleanup;
            end;
          If not GetKernelObjectSecurity(hToken,DACL_SECURITY_INFORMATION,pOrigSd,dwSDLen,dwSDLen) Then
            begin
              bError := TRUE;
              Goto Cleanup;
            end;
        end
      Else
        begin
          bError := TRUE;
          Goto Cleanup;
        end;
    end;
If not GetSecurityDescriptorDacl(pOrigSd,bDAcl,pOldDAcl,bDefDAcl) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
dwRet := SetEntriesInAcl(1,@ea,pOldDAcl,pNewDAcl);
If dwRet <> ERROR_SUCCESS Then
    begin
      pNewDAcl := nil;
      bError := TRUE;
      goto Cleanup;
    end;
If not MakeAbsoluteSD(pOrigSd,pNewSd,dwSDLen,pOldDAcl^,dwAclSize,pSacl^,dwSaclSize,pSidOwner,dwSidOwnLen,pSidPrimary,dwSidPrimLen) Then
    begin
      If GetLastError = ERROR_INSUFFICIENT_BUFFER Then
        begin
          pOldDAcl := HeapAlloc(GetProcessHeap(),$00000008,dwAclSize);
          pSacl := HeapAlloc(GetProcessHeap(),$00000008,dwSaclSize);
          pSidOwner := HeapAlloc(GetProcessHeap(),$00000008,dwSidOwnLen);
          pSidPrimary := HeapAlloc(GetProcessHeap(),$00000008,dwSidPrimLen);
          pNewSd := HeapAlloc(GetProcessHeap(),$00000008,dwSDLen);
          If (pOldDAcl = nil) or
            (pSacl = nil) or
            (pSidOwner = nil) or
            (pSidPrimary = nil) or
            (pNewSd = nil) Then
            begin
              bError := TRUE;
              goto Cleanup;
            end;
          If not MakeAbsoluteSD(pOrigSd,pNewSd,dwSDLen,pOldDAcl^,dwAclSize,pSacl^,dwSaclSize,pSidOwner,dwSidOwnLen,pSidPrimary,dwSidPrimLen) Then
            begin
              bError := TRUE;
              goto Cleanup;
            end;
        end
      Else
        begin
          bError := TRUE;
          goto Cleanup;
        end;
    end;
If not SetSecurityDescriptorDacl(pNewSd,bDAcl,pNewDAcl,bDefDAcl) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
If not SetKernelObjectSecurity(hToken,DACL_SECURITY_INFORMATION,pNewSd) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
If not OpenProcessToken(hProcess,TOKEN_ALL_ACCESS,hToken) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
If not DuplicateTokenEx(hToken,TOKEN_ALL_ACCESS,nil,SecurityImpersonation,TokenPrimary,hNewToken) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
ZeroMemory(@si,Sizeof(STARTUPINFO));
si.cb := Sizeof(STARTUPINFO);
ImpersonateLoggedOnUser(hNewToken);
If not CreateProcessAsUser(hNewToken,nil,szProcessName,nil,nil,FALSE,0,nil,nil,si,pi) Then
    begin
      bError := TRUE;
      goto Cleanup;
    end;
bError := FALSE;
Cleanup:
If pOrigSd <> nil Then HeapFree(GetProcessHeap(),0,pOrigSd);
If pNewSd <> nil Then HeapFree(GetProcessHeap(),0,pNewSd);
If pSidPrimary <> nil Then HeapFree(GetProcessHeap(),0,pSidPrimary);
If pSidOwner <> nil Then HeapFree(GetProcessHeap(),0,pSidOwner);
If pSacl <> nil Then HeapFree(GetProcessHeap(),0,pSacl);
If pOldDAcl <> nil Then HeapFree(GetProcessHeap(),0,pOldDAcl);
CloseHandle(pi.hProcess);
CloseHandle(pi.hThread);
CloseHandle(hToken);
CloseHandle(hNewToken);
CloseHandle(hProcess);
Result:= not bError;
end;

Open in new window

0

Featured Post

Take Control of Web Hosting For Your Clients

As a web developer or IT admin, successfully managing multiple client accounts can be challenging. In this webinar we will look at the tools provided by Media Temple and Plesk to make managing your clients’ hosting easier.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now