create process in user session from service

by

I use code similar to yours in my own service and it works fine. There are some things that need to be taken into account that the code you showed is not doing:

  1. When calling WTSQueryUserToken(), you have to make sure your service process has the SE_TCB_NAME privilege enabled. Use AdjustTokenPrivileges() for that.

  2. The session ID returned by WTSGetActiveConsoleSessionId() may not be the correct session that you need to run your spawned process on! It returns the session ID that is attached to the physical console (screen/keyboard/mouse) of the local machine, if any. That session may be displaying the secure WinLogon desktop, meaning no user is actually logged in to the physical machine, so calling WTSQueryUserToken() on that session ID would fail with an ERROR_NO_TOKEN error. A user can log in over a Remote Desktop Connection, for instance, in which case that connection would be running in a different session than the console. If you want your spawned process to run in a session that has a user logged in, you need to use WTSEnumerateSessions() to find a session that is in the WTSActive state. And even then, WTSQueryUserToken() may not return a token depending on how the user is logged in, so you need to call WTSQueryUserToken() on each active session you find until you find one that successfully gives you a token.

  3. When calling DuplicateTokenEx(), use SecurityIdentification instead of SecurityDelegation.

  4. When calling CreateProcessAsUser(), you can call CreateEnvironmentBlock() first to create an environment that is appropriate for that specific user and then pass that pointer to CreateProcessAsUser(). Otherwise, the spawned process will use your service’s environment instead. This step is optional, depending on the particular needs of the spawned app.

More Related Contents:

  1. DLLImport of the origin function in the DLL
  2. Generating a unique machine id
  3. How to detect true Windows version?
  4. Is an atomic file rename (with overwrite) possible on Windows?
  5. How to smooth ugly jitter/flicker/jumping when resizing windows, especially dragging left/top border (Win 7-10; bg, bitblt and DWM)?
  6. Prevent windows from going into sleep when my program is running?
  7. Show touch keyboard (TabTip.exe) in Windows 10 Anniversary edition
  8. Where can I find my .emacs file for Emacs running on Windows?
  9. What exactly are DLL files, and how do they work?
  10. Windows Visual Themes: Gallery of Parts and States?
  11. How can we check if a file Exists or not using Win32 program?
  12. Which Font is the default for MFC Dialog Controls?
  13. Delphi Windows Service Design
  14. Wix: Windows Service sometimes uninstalled when upgrading
  15. Why does CreateProcess give error 193 (%1 is not a valid Win32 app)
  16. Programmatically change screen resolution?
  17. IIS w3svc error
  18. How do you programmatically resize and move windows with the Windows API?
  19. Win32 API analog of sending/catching SIGTERM
  20. How to wait for a shell process to finish before executing further code in VB6
  21. How can I invalidate the file system cache?
  22. How can I tell if a window has focus? (Win32 API)
  23. How to identify Windows 10 background store processes that have non-displayed windows that are programmatically visible and minimizable?
  24. Windows CDROM Eject
  25. How to change default sound playback device programmatically?
  26. Gracefully Exit Explorer (Programmatically)
  27. How can I programmatically refresh Windows Explorer?
  28. How to create a virtual printer in Windows?
  29. What is the range of a Windows HANDLE on a 64 bits application?
  30. What are these strange environment variables?

Leave a Comment