Re: Executing a program as a different user
From: name (nospam_at_user.com)
Date: 10/30/04
- Previous message: name: "Re: Windows Admin Script Tools 6.2"
- In reply to: Gregor Smerke: "RE: Executing a program as a different user"
- Messages sorted by: [ date ] [ thread ]
Date: Sat, 30 Oct 2004 04:09:15 -0400
I doubt the implication.
"43 kilobytes"
=============
Sure the usual 3 cross posts nowadays apply.
==============================
Mike must have aches while turning at his Washington address.
"Gregor Smerke" <GregorSmerke@discussions.microsoft.com> wrote in message
news:82B17412-62B5-44E7-B2C6-8735188B99DD@microsoft.com...
> You can use Script Factory Impersonator (SFImpersonator.dll) for this
purpose:
>
> http://cwashington.netreach.net/main/tools/default.asp?topic=n-z
>
> To start an executable as another user (let say privileged user) using
this
> method, follow these steps:
>
> 1. copy SFImpersonator.dll to C:\Windows\System32
> 2. regsvr32 SFImpersonator.dll
>
> Then use the following framework in your VBS:
>
> Set objImpersonator = CreateObject("SFImpersonator.Impostor")
> objImpersonator.Impersonate conPrivilegedUserName, conPrivilegedPassword,
> conPrivilegedDomainName, conLogonTypeInteractive (= 2)
> Set objWMIService =
> GetObject("WinMgmtS:{ImpersonationLevel=Impersonate}!\\.\Root\CIMV2")
> objImpersonator.RevertToSelf
> Set objProcess = objWMIService.Get("Win32_Process")
> objProcess.Create "C:\Path\Program.exe", Null, Null, intProcessId
>
> As objProcess.Create does not load the privileged user’s profile by
itself,
> it must have already been loaded, otherwise the call will fail. This
> requirement can be achieved by using system services in a number of ways:
> - you might have already got a service on your system that is running
under
> the privileged user account
> - if not and if appropriate, create a service only for this purpose using
a
> Windows Resource Kit Tool called SrvAny
> - otherwise you could create a service using WMI Win32_Service methods in
> your code on the fly. First create a service that will run under the
> privileged user, start it, execute Program.exe line, stop and remove the
> service
> - a subvariation of previous method would be hijacking an already present
> (system) service, stopping it, changing the service's Log On As user
account
> to privileged, starting it, executing the program, stopping the service,
> changing again the account to the original and starting it
- Previous message: name: "Re: Windows Admin Script Tools 6.2"
- In reply to: Gregor Smerke: "RE: Executing a program as a different user"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
