473,324 Members | 2,239 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,324 software developers and data experts.

Using the user token from Winlogon to impersonate the user


I've added a entry to the registry to recieve logon events from
Winlogon. In the WLX_NOTIFICATION_INFO control block there is a member
nToken which contains a handle to the newly logged in user. I would like
to pass this handle to other processes which are running as system
services under the SYSTEM account. When the service gets notified about
the login, I would like to impersonate the newly logged on user and
change the security context of the service to that of the user.

I get the handle from the Winlogon event OK. Can play around with it and
all seems OK. When the service tries to use this handle the API calls
get an 'ACCESS DENIED' return code. I'm assuming that I must do
something in the Winlogon code to the token before I can pass it to
other processes. DuplicateTokenEx .. maybe, set other security flags,
not sure what's next.

*** Sent via Developersdex http://www.developersdex.com ***
Don't just participate in USENET...get rewarded for it!
Nov 15 '05 #1
0 3827

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

8
by: Michelle | last post by:
Hello! I have an ASP.NET application (1.1 framework) that needs to be able to read/write files on a network share. The access to this file share will be fairly restricted, so I need to...
9
by: Ben Dewey | last post by:
Project: ---------------------------- I am creating a HTTPS File Transfer App using ASP.NET and C#. I am utilizing ActiveDirectory and windows security to manage the permissions. Why reinvent...
2
by: Stephen Witter | last post by:
I had previously posted this on the security ng, but haven't had a hit so I was wondering if someone here would be willing to take a stab. I am trying to copy a file to a network drive. I can do...
3
by: Sharat Koya | last post by:
Please can you help with a problem I am having. My web config is set to... <authorization><deny users="?"/> <authentication mode="Forms"> <forms name=".COOKIE" loginUrl="login.aspx"...
2
by: Marja Ribbers-de Vroed | last post by:
Hi, I've developed a COM DLL in Visual C++ to generate a digital signature based on a certificate read from a PFX file. This DLL is used in a classic ASP webapplication to digitally sign a XML...
2
by: Niclas | last post by:
Hi, I am trying to get a usertoken from a particular process running on the computer, from a Windows Service to do a Windows group membership of the user running that process. I was planning to...
1
by: lecnac | last post by:
Sorry for the repost. I must have done something wrong when I tried to post my reply (I can't seem to find it). Anyway, I'd really appreciate any help that anyone could provide. My issue is...
1
by: Eric Pearson | last post by:
I implement my own HTTP server and pass ASP.Net requests via HttpWorkerRequest. When I authenticate a client, I pass the correct windows token inside of GetUserToken(), and within my...
9
by: =?Utf-8?B?UmF5?= | last post by:
Have SQL server on one machine. Have IIS on another machine in same large intranet. Have website in IIS with Basic Authentication turned on and other options deselected. Have webpage (.aspx) with...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: ryjfgjl | last post by:
ExcelToDatabase: batch import excel into database automatically...
0
isladogs
by: isladogs | last post by:
The next Access Europe meeting will be on Wednesday 6 Mar 2024 starting at 18:00 UK time (6PM UTC) and finishing at about 19:15 (7.15PM). In this month's session, we are pleased to welcome back...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: Shællîpôpï 09 | last post by:
If u are using a keypad phone, how do u turn on JavaScript, to access features like WhatsApp, Facebook, Instagram....
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...
0
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 3 Apr 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome former...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.