RE: Executing a program as a different user

From: Gregor Smerke (GregorSmerke_at_discussions.microsoft.com)
Date: 10/25/04 

Date: Mon, 25 Oct 2004 08:19:05 -0700

You can use Script Factory Impersonator (SFImpersonator.dll) for this purpose:

http://cwashington.netreach.net/main/tools/default.asp?topic=n-z

To start an executable as another user (let say privileged user) using this
method, follow these steps:

1. copy SFImpersonator.dll to C:\Windows\System32
2. regsvr32 SFImpersonator.dll

Then use the following framework in your VBS:

Set objImpersonator = CreateObject("SFImpersonator.Impostor")
objImpersonator.Impersonate conPrivilegedUserName, conPrivilegedPassword,
conPrivilegedDomainName, conLogonTypeInteractive (= 2)
Set objWMIService =
GetObject("WinMgmtS:{ImpersonationLevel=Impersonate}!\\.\Root\CIMV2")
objImpersonator.RevertToSelf
Set objProcess = objWMIService.Get("Win32_Process")
objProcess.Create "C:\Path\Program.exe", Null, Null, intProcessId

As objProcess.Create does not load the privileged user’s profile by itself,
it must have already been loaded, otherwise the call will fail. This
requirement can be achieved by using system services in a number of ways:
- you might have already got a service on your system that is running under
the privileged user account
- if not and if appropriate, create a service only for this purpose using a
Windows Resource Kit Tool called SrvAny
- otherwise you could create a service using WMI Win32_Service methods in
your code on the fly. First create a service that will run under the
privileged user, start it, execute Program.exe line, stop and remove the
service
- a subvariation of previous method would be hijacking an already present
(system) service, stopping it, changing the service's Log On As user account
to privileged, starting it, executing the program, stopping the service,
changing again the account to the original and starting it

Relevant Pages

  • RE: Executing a program as a different user
    ... You can use Script Factory Impersonator for this purpose: ... To start an executable as another user (let say privileged user) using this ... privileged user, start it, execute Program.exe line, stop and remove the ... service, stopping it, changing the service's Log On As user account ...
    (microsoft.public.scripting.wsh)
  • RE: Executing a program as a different user
    ... You can use Script Factory Impersonator for this purpose: ... To start an executable as another user (let say privileged user) using this ... privileged user, start it, execute Program.exe line, stop and remove the ... service, stopping it, changing the service's Log On As user account ...
    (microsoft.public.windowsxp.customize)
  • Re: Executing a program as a different user
    ... > To start an executable as another user (let say privileged user) using ... > objImpersonator.Impersonate conPrivilegedUserName, conPrivilegedPassword, ... > the privileged user account ... > privileged user, start it, execute Program.exe line, stop and remove the ...
    (microsoft.public.scripting.wsh)
  • Re: Executing a program as a different user
    ... > To start an executable as another user (let say privileged user) using ... > objImpersonator.Impersonate conPrivilegedUserName, conPrivilegedPassword, ... > the privileged user account ... > privileged user, start it, execute Program.exe line, stop and remove the ...
    (microsoft.public.windowsxp.customize)
  • Re: Executing a program as a different user
    ... > To start an executable as another user (let say privileged user) using ... > objImpersonator.Impersonate conPrivilegedUserName, conPrivilegedPassword, ... > the privileged user account ... > privileged user, start it, execute Program.exe line, stop and remove the ...
    (microsoft.public.win2000.cmdprompt.admin)