Re: Launch Shell process under different identity
From: Chris Conner (Chris.Conner_at_nomansland.com)
Date: 04/06/04
- Next message: CJ Taylor: "Re: Urgent: Fast way to read Parts of Big Files"
- Previous message: DraguVaso: "Re: Urgent: Fast way to read Parts of Big Files"
- In reply to: Trips: "Re: Launch Shell process under different identity"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 6 Apr 2004 11:27:29 -0400
I have run into the same problem and have had solved it using a different
approach:
Depending on what you need to do, use of the following two ways:
1) If the clients are Windows XP or higher machines, use the RUNAS command
instead. This way, you can still Shell execute the process with the current
user credentials and pass the credentials you want to run to this.
OR
2) Create a service account (my choice) that has network rights that runs on
the users machine and create a process file for it to execute. As an
example, have it create a folder in your program files\<application>\process
directory. Create a directory monitor in the service to process the text in
these files as commands to be executed. THIS IS DANGEROUS if you do not have
any kind of security. What I do is encrypt the contents of the file with a
key that is decryted with by the service. Once you have read in the
information - just delete the file and process those commands. The service
will have full local admin rights as well as whatever network rights you
give this service.
=-Chris
"Trips" <anonymous@discussions.microsoft.com> wrote in message
news:4A433DA7-A3B5-48C7-8A10-18483B74EB04@microsoft.com...
> Yes It's a domain service accout and it has proper permissions to access
the domain network folder. With in the code I did a messagebox display
method and it showed the impersonated account as the current changed
identity. The issus is Shell opens up for a second and closes.
>
> I am using these dll in order to impersonate
> [DllImport("advapi32.dll")]
> public static extern int LogonUserA(String lpszUserName,
> String lpszDomain,
> String lpszPassword,
> int dwLogonType,
> int dwLogonProvider,
> ref IntPtr phToken);
> [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
> public static extern int DuplicateToken(IntPtr hToken,
> int impersonationLevel,
> ref IntPtr hNewToken);
>
> [DllImport("advapi32.dll", CharSet=CharSet.Auto, SetLastError=true)]
> public static extern bool RevertToSelf();
>
> [DllImport("kernel32.dll", CharSet=CharSet.Auto)]
> public static extern bool CloseHandle(IntPtr handle);
> There is nothing wring with the impersonation code as I could see the
changed identity in a message box.
> I am simply doing this after the identity is changed
> System.Diagnostics.Process.Start(cmd); where cmd is a pth to bat file.
>
> thanks
> Ajay
>
- Next message: CJ Taylor: "Re: Urgent: Fast way to read Parts of Big Files"
- Previous message: DraguVaso: "Re: Urgent: Fast way to read Parts of Big Files"
- In reply to: Trips: "Re: Launch Shell process under different identity"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
