CreateProcessAs User returns 1314, but privileges have been set right (I think)...help

15 New Member

Hello, I wrote a windows service that is supposed to start an interactive GUI app. I realize a service will not readily do this so I've pieced together the code below to bypass that. However, the call to CreateProcessAs User always returns a 1314 error: 'A required privilege is not held by the client.'

I realize from the doc's that the calling process must have SE_TCB_NAME privilaege to assign new privileges to the new process and I have done that in a method further below.

So I'm not sure why this is not launching the app. To keep things simple, I'm running notepad.exe from a cmd console, I'm just running this code as its own app so there's no service on top to muddle things up. Also I'm running it locally to make things simpler, but still that error keeps popping up. Also I'm on XP.

Would someone that has had experience with this please tell me what's wrong? Thanks in advance!!

public static void Main(string[] args)
{
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);

try
{
string userName, domainName;

//USE YOUR LOGIN INFO HERE
domainName = "mydomain";
userName = "user";
pwd="mypass";

tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;

bool returnValue = LogonUser(userN ame, domainName, pwd,
LOGON32_LOGON_I NTERACTIVE, LOGON32_PROVIDE R_DEFAULT,
ref tokenHandle);

if(false == returnValue)
{
int ret = Marshal.GetLast Win32Error();
Console.WriteLi ne("LogonUser failed with error code : {0}", ret);
int errorCode = 0x5;
throw new System.Componen tModel.Win32Exc eption(errorCod e);
}

SECURITY_ATTRIB UTES pSec = new SECURITY_ATTRIB UTES();
SECURITY_ATTRIB UTES tSec = new SECURITY_ATTRIB UTES();
pSec.nLength = Marshal.SizeOf( pSec);
tSec.nLength = Marshal.SizeOf( tSec);

bool retVal = DuplicateTokenE x(tokenHandle, (uint)TokenAcce ssLevels.AllAcc ess, ref pSec,
SECURITY_IMPERS ONATION_LEVEL.S ecurityIdentifi cation, TOKEN_TYPE.Toke nPrimary,
out dupeTokenHandle );
if(false == retVal)
{
CloseHandle(tok enHandle);
Console.WriteLi ne("Exception thrown in trying to duplicate token.");
return;
}

WindowsIdentity newId = new WindowsIdentity (dupeTokenHandl e);
WindowsImperson ationContext impersonatedUse r = newId.Impersona te();

PROFILEINFO aPI = new PROFILEINFO();
aPI.dwSize = 32;
aPI.lpUserName = WindowsIdentity .GetCurrent().N ame;

bool retLoadProfile = LoadUserProfile (newId.Token, ref aPI);

StringBuilder CommandLine = new StringBuilder(@ "cmd /c C:\windows\syst em32\notepad.ex e");
const uint NORMAL_PRIORITY _CLASS = 0x0020;
PROCESS_INFORMA TION pInfo = new PROCESS_INFORMA TION();
STARTUPINFO sInfo = new STARTUPINFO();

IntPtr aToken=newId.To ken;
SetPrivs(ref aToken);

sInfo.wShowWind ow = 5;
sInfo.lpTitle = "Hello!";
sInfo.lpDesktop ="winsta0\\defa ult";

uint dwCreationFlags = NORMAL_PRIORITY _CLASS| CREATE_NEW_CONS OLE;
IntPtr pEnv = IntPtr.Zero;
if(CreateEnviro nmentBlock(out pEnv, dupeTokenHandle , true))
{
dwCreationFlags |= CREATE_UNICODE_ ENVIRONMENT;
}
else
{
pEnv = IntPtr.Zero;
}

bool retCreateProces s = CreateProcessAs User(newId.Toke n,
null,
CommandLine,
ref pSec,
ref tSec,
false,
NORMAL_PRIORITY _CLASS,
pEnv,
null,
ref sInfo,
out pInfo);

int err = Marshal.GetLast Win32Error();
Console.WriteLi ne("CreateProce ss="+retCreateP rocess.ToString ()+". With error:"+ err.ToString()) ;

// Check the identity.
Console.WriteLi ne("After impersonation: " + WindowsIdentity .GetCurrent().N ame);

Console.ReadKey ();

// Stop impersonating the user.
impersonatedUse r.Undo();

// Free the tokens.
if(tokenHandle != IntPtr.Zero)
CloseHandle(tok enHandle);
if(dupeTokenHan dle != IntPtr.Zero)
CloseHandle(dup eTokenHandle);
}
catch(Exception ex)
{
Console.WriteLi ne("Exception occurred. " + ex.Message);
}

}
}

In this method as an experiment I tried setting all privileges to see if perhaps I had been missing one but generally I will be setting TCB(if that's the right one to set.)

You'll note that I'm setting the Current Process Privilage to TCB because the Doc's say that that needs to be done.

private static bool SetPrivs(ref IntPtr theToken)
{
const int SE_PRIVILEGE_EN ABLED = 0x0002;

List<string> aPrivs = new List<string>();

aPrivs.Add(SE_C REATE_TOKEN_NAM E);
aPrivs.Add(SE_A SSIGNPRIMARYTOK EN_NAME);
aPrivs.Add(SE_L OCK_MEMORY_NAME );
aPrivs.Add(SE_I NCREASE_QUOTA_N AME);
aPrivs.Add(SE_U NSOLICITED_INPU T_NAME);
aPrivs.Add(SE_M ACHINE_ACCOUNT_ NAME);
aPrivs.Add(SE_T CB_NAME);
aPrivs.Add(SE_S ECURITY_NAME);
aPrivs.Add(SE_T AKE_OWNERSHIP_N AME);
aPrivs.Add(SE_L OAD_DRIVER_NAME );
aPrivs.Add(SE_S YSTEM_PROFILE_N AME);
aPrivs.Add(SE_S YSTEMTIME_NAME) ;
aPrivs.Add(SE_P ROF_SINGLE_PROC ESS_NAME);
aPrivs.Add(SE_I NC_BASE_PRIORIT Y_NAME);
aPrivs.Add(SE_C REATE_PAGEFILE_ NAME);
aPrivs.Add(SE_C REATE_PERMANENT _NAME);
aPrivs.Add(SE_B ACKUP_NAME);
aPrivs.Add(SE_R ESTORE_NAME);
aPrivs.Add(SE_S HUTDOWN_NAME);
aPrivs.Add(SE_D EBUG_NAME);
aPrivs.Add(SE_A UDIT_NAME);
aPrivs.Add(SE_S YSTEM_ENVIRONME NT_NAME);
aPrivs.Add(SE_C HANGE_NOTIFY_NA ME);
aPrivs.Add(SE_R EMOTE_SHUTDOWN_ NAME);
aPrivs.Add(SE_U NDOCK_NAME);
aPrivs.Add(SE_S YNC_AGENT_NAME) ;
aPrivs.Add(SE_E NABLE_DELEGATIO N_NAME);
aPrivs.Add(SE_M ANAGE_VOLUME_NA ME);
aPrivs.Add(SE_I MPERSONATE_NAME );
aPrivs.Add(SE_C REATE_GLOBAL_NA ME);

SetCurrProcPriv (SE_TCB_NAME);

foreach(string aPriv in aPrivs)
{
TOKEN_PRIVILEGE S aTP = new TOKEN_PRIVILEGE S();
LUID luid = new LUID();

aTP.PrivilegeCo unt = 1;
aTP.Privileges = new int[3];
aTP.Privileges[2] = SE_PRIVILEGE_EN ABLED;
aTP.Privileges[1] = luid.HighPart;
aTP.Privileges[0] = luid.LowPart;

try
{
LookupPrivilege Value(IntPtr.Ze ro, aPriv, ref luid);

bool isSuccess=Adjus tTokenPrivilege s(theToken, false, ref aTP, Marshal.SizeOf( aTP), IntPtr.Zero, IntPtr.Zero);
if(!isSuccess)
return false;
else
return true;
}
catch (Exception e)
{
Console.WriteLi ne(e.Message);
Console.ReadKey ();
}
}

return false;
}

private static IntPtr SetCurrProcPriv (string thePrivilegeNam e)
{
IntPtr hToken =new IntPtr();
bool isSuccess=false ;
LUID luid = new LUID();
IntPtr aCurrProc = GetCurrentProce ss();

TOKEN_PRIVILEGE S aTP=new TOKEN_PRIVILEGE S();
STARTUPINFO si=new STARTUPINFO();
si.cb = (int)Marshal.Si zeOf(si);

isSuccess = OpenProcessToke n(aCurrProc,
TOKEN_QUERY | TOKEN_ADJUST_PR IVILEGES |
TOKEN_ADJUST_SE SSIONID |TOKEN_ADJUST_D EFAULT |
TOKEN_ASSIGN_PR IMARY | TOKEN_DUPLICATE , out hToken);

if(!isSuccess)
Console.WriteLi ne("Error OpenProcessToke n " + Marshal.GetLast Win32Error().To String());

isSuccess = LookupPrivilege Value(IntPtr.Ze ro, thePrivilegeNam e, ref luid);
if(!isSuccess)
Console.WriteLi ne("Error OpenProcessToke n " + Marshal.GetLast Win32Error().To String());

aTP.PrivilegeCo unt = 1;
aTP.Privileges = new int[3];
aTP.Privileges[0] = luid.LowPart;
aTP.Privileges[1] = luid.HighPart;
aTP.Privileges[2] = SE_PRIVILEGE_EN ABLED;

isSuccess = AdjustTokenPriv ileges(hToken, false, ref aTP, Marshal.SizeOf( aTP), IntPtr.Zero, (IntPtr)Marshal .SizeOf(aTP));
if(!isSuccess)
return IntPtr.Zero;
else
return hToken;

}

Feb 4 '08 #1

Subscribe Reply

4652

Similar topics

2279

CreateObject() in ASP => Access right? Please help!!

by: Roland Johann | last post by:

On my Windows Server 2003 Web Edition I have installed an application which offers some OLE Automation Objects. On my local system (W2k Prof) it works fine but on my server 2003 I have a big problem with the access right. I configured the IIS so that for this site E:\Websites\myASPSite the ASP application (regular old ASP, no ASP.NET code!) should use the default ASP users right (I created a myASPUser). Under this user I can start my OLE...

ASP / Active Server Pages

1448

Subqurey returns more than one value error HELP....

by: meyvn77 | last post by:

My update query updates about 50 columns and they all have the same format: (Im using ADP to interact with the SQL Server) UPDATE dbo.GIS_EVENTS_TEMP SET VEH1TYPE = (SELECT VEHICLETYPE FROM VEHICLE AS A WHERE(GIS_EVENTS_TEMP.CASEID = A.CRASHNUMBER) AND(A.UNITID = 1)), VEH2TYPE = (....... same as above with UNITID = 2)

Microsoft SQL Server

1335

Its been so long Help?

by: Weasel | last post by:

Hey everyone, its been a while since i was last interested in C++ well like 3 years now... and i still cant remember what the command was in the Compiler to compile the program... Also when you save the script what do you save the extension as Example > .html , .js and last question is about A.out, i remember that you needed this to excute the program, but i cant remember what the script contained to

C / C++

1014

dataset datarelation returns null, causing program to bomb--help!

by: Brian | last post by:

I'm new to C# and using a dataset for the first time. I'm trying to establish a relationship between 2 tables in the dataset (for a treeview I plan to use), but the statement below bombs because ds.Tables .Columns ) returns null. Any idea what is wrong? ds.Relations.Add ("CategoryID", ds.Tables .Columns , ds.Tables .Columns );

C# / C Sharp

1783

Debugger privileges for ASP.NET

by: Tony Nassar | last post by:

Colleagues, I'm new to Web apps, so forgive the density of this question. I believe I've followed all the pertinent instructions, but I am not allowed to debug my very first ASP.NET application. I am the sole user of this computer, and am, obviously, the administrator. I have granted \\THISMACHINE\ASPNET debugger privileges; it doesn't help. I followed the instructions to the point of creating the absolutely minimal ASP application, with...

ASP.NET

933

Casting Question - I think!! Help please

by: Alex Pierson | last post by:

I have a string called jkl which currently is "3 * 4 + xyz" I also have an integer: xyz = 5 How do get an integer that equals 17 (3 times 4 plus 5.) In other, more specifically: dim jkl as string = "3 * 4 + xyz" dim xyz as integer = 5

Visual Basic .NET

1135

Intern Strings - am I using them right? Please help!

by: almurph | last post by:

Intern Strings - am I usingthem right. I have heard a lot about intern string - so I wanted to use them to increas e speed of processing. I have a hastable that I am using to parse a string of the form: wordA wordB wordC wordD etc etc

Visual Basic .NET

2219

Syntax error, missing right parenthesis.. help

by: Phil Powell | last post by:

<input type="submit" name="delete_student" value="Delete Applicant" onClick="setSubmitVal(this); return willDeleteApplicant('O&#039;Connor, Kerry B');"> This HTML tag causes Javascript errors in IE 7+ and in Mozilla; seems to be OK in Firefox 1.0 for Linux. This is a time-sensitive issue that I can't seem to resolve, could someone come up with a quickie for me in this case? It seems the student's name is breaking things in Javascript...

Javascript

6165

Label losing value on postback (i think) HELP!

by: TheAmes | last post by:

Hi I have a asp.net site in VB.NET and VWD 2005 Express. in the master page i have a Label. from a content page i change the value of this label like so: dim X as label = page.master.findcontrol("Label3") X.text = "Some Text Here"

ASP.NET

10330

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...

C / C++

10153

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...

Online Marketing

10093

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For most users, this new feature is actually very convenient. If you want to control the update process,...

Windows Server

9952

Discussion: How does Zigbee compare with other wireless protocols in smart home applications?

by: tracyyun | last post by:

Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...

General

7500

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...

Microsoft Access / VBA

6740

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...

C# / C Sharp

5381

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in the same network. But I'm wondering if it's possible to do the same thing, with 2 Pfsense firewalls...

Networking - Hardware / Configuration

5511

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

4053

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp