C# Windows Service - CreateProcessAsUser as a local admin in a user session.
$250-750 USD
Ditutup
Dibuat sekitar 1 tahun yang lalu
$250-750 USD
Dibayar ketika dikirim
Situation
A Windows service is running as SYSTEM in the background.
The service should start an application in an active user session.
This application should be started with the rights of a third user (not SYSTEM, not current user but local admin account).
Involved
SYSTEM: The service is installed by default without any special configuration.
User A: Logged in with an own Windows session. His SessionID will be used to start an application under user B in it.
User B: Logged in with LogonUser to Windows. His token is then used for CreateProcessAsUser is used.
Current state
I have written a function which can start an application in the user session.
It expects parameters like: applicationName, commandline and the impersonation information.
What is working?
Launching an application from a service into a running user session. The application runs under the SYSTEM account or under the same account as the logged in user.
What does not work?
Launching an application from a service into a running user session. The application should run under another user account.
It gets launched but it is not usable (see attached Screenshot)
How to call attached code
// = Prepare callback
helper.AppLauncher.PROCESS_INFORMATION procInfo;
// = Prepare impersonation
[login to view URL] impersonationInfo = new [login to view URL]();
// = 2: Start a process as specified user
[login to view URL] = 2; // Service = 0, CurrentUser = 1, LogonUser = [2]
[login to view URL] = "theLocalUserWithAdminRights";
[login to view URL] = "myVerySecre1P@ssword";
[login to view URL]("[login to view URL]", null, true, impersonationInfo, out procInfo);
Please find here a public description of my request:
[login to view URL]
*The function of the windows service is to start a process in a logged on windows user session as another local user which has local admin rights. We don't need to start a process in a logged on windows user as SYSTEM. This is already included in the code.*