WinAPI C - RunAsUser from REDMON_USER and REDMON_SESSIONID

纵然是瞬间 提交于 2019-12-08 02:04:12

问题


I installed a PostScript printer driver and have setup REDMON (redmonnt.dll) for redirecting postscript output to my program. In my rather simple c program I capture the data from STDIN and I am able to successfully save it into a .ps file. The file looks OK.

However, I want to start gsview.exe for viewing the file. If I call ShellExecute it fails in Windows 7 because of permission issues. It seems that my program is called under a different user account (LOCAL SERVICE). So I am looking for a way to run gsview.exe under a specific username (the user who initiated the print job) which is available to the program in a variable called REDMON_USER along with the SESSIONID as well.

Q: What are the minimum WinAPI calls required to start a program given a username and a sessionid?

Any code examples in C/C++, .NET would be very helpful.

EDIT: What I am trying accomplish is something very similar to redrunee (from redmonee). I don't want to use redrunee because it opens about a console window for a brief moment.

Note: 1) The program is called by the printer service as [LOCAL SERVICE] account. 2) The first parameter Username (REDMON_USER), in effect, points to the user currently looking at the screen


回答1:


Look at CreateProcessAsUser.

Also look at CreateProcessWithLogonW and CreateProcess.

They are linked from the CreateProcessAsUser

EDIT In reply to comments by OP.

Follow advice from this thread.

I am copying this here verbatim, in case the original link stops working:

The same code works for us on Vista as on XP, etc. The service is running as the Local System.

  1. use WTSGetActiveConsoleSessionId to get the ID of the current active Windows session at the console (i.e. the machine keyboard and display, as opposed to WTS sessions).

  2. use WTSQueryUserToken to get the token for that session.

  3. use DuplicateTokenEx(hToken,MAXIMUM_ALLOWED,NULL,SecurityIdentification,TokenPrimary, &hTokenDup) to duplicate that token.

  4. use CreateEnvironmentBlock to create an environment that you will be passing to the process.

  5. use CreateProcessAsUser with the duplicated token and the created environment. Actually, we use CreateProcessAsUserW, since the A version had some sort of bug on some older systems.

  6. Don't forget to CloseHandle on the various tokens, etc, and to DestroyEnvironmentBlock the environment.

Thank you efratian.

PS. Oh joy of Windows programming, did not do it for quite a while. Now I remember why. The only thing that is close or even worse documented is OpenSSH programming.




回答2:


The documentation describes the "Run as User" feature, which seems to be exactly what you want:

Run as User is intended for launching a GUI program such as GSview locally via RedRun.



来源:https://stackoverflow.com/questions/2907512/winapi-c-runasuser-from-redmon-user-and-redmon-sessionid

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!