From: eselk2003 on
I have code that works on XP and Vista, on about 20 different test
PCs, except on one XP system CreateProcessAsUser fails sometimes.
Here is the code, without error checking:

OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&t);

DuplicateTokenEx
(t,TOKEN_ALL_ACCESS,NULL,SecurityImpersonation,TokenPrimary,&dt);

DWORD sid = WTSGetActiveConsoleSessionId();
SetTokenInformation(dt,TokenSessionId,&sid,sizeof(sid));

STARTUPINFO si;
memset(&si,0,sizeof(si));
si.cb = sizeof(si);
si.lpDesktop = "winsta0\\default";

CreateProcessAsUser(dt,NULL,"c:\myfile.exe",
NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE,
NULL,NULL,&si,&UserModeProcessInfo);

The code runs in a service running as LocalSystem. I want the process
to run as LocalSystem also (I know the security risks).

If the active console session ID is 0, the code always works. If non-
zero (1, 2, 3, etc), only one on XP system the CreateProcessAsUser
fails and GetLastError() returns 2 (file not found). I can add a
check right before that call to see if the file exists, and it does.
I can change form myfile.exe to notepad.exe or some other system EXE,
and get the same results. If I force to code to always use session ID
0 then it also works, but of course the app runs on the wrong session
(I want it on the active console session).

So obviously there is some issue related to a service (running in
session 0, since this is XP), starting a process under another
session. Weird that the error is 2, and not something like 5 (access
denied).

Or is there a better method to have a service that runs apps under the
current console session, and runs those apps as LocalSystem? All of
the examples I've found on MSDN use LogonUser or WTSQueryUserToken to
"display UI from a service", but in my case I really need/want the
process to run as LocalSystem, not as the active user.
From: Boris on
Line:

CreateProcessAsUser(dt,NULL,"c:\myfile.exe",...

- has a typo. You should use double backslash inside quoted string.

Boris


<eselk2003(a)gmail.com> wrote in message
news:c23dabf5-fa13-4733-8de8-9487177452f4(a)j35g2000yqh.googlegroups.com...
>I have code that works on XP and Vista, on about 20 different test
> PCs, except on one XP system CreateProcessAsUser fails sometimes.
> Here is the code, without error checking:
>
> OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&t);
>
> DuplicateTokenEx
> (t,TOKEN_ALL_ACCESS,NULL,SecurityImpersonation,TokenPrimary,&dt);
>
> DWORD sid = WTSGetActiveConsoleSessionId();
> SetTokenInformation(dt,TokenSessionId,&sid,sizeof(sid));
>
> STARTUPINFO si;
> memset(&si,0,sizeof(si));
> si.cb = sizeof(si);
> si.lpDesktop = "winsta0\\default";
>
> CreateProcessAsUser(dt,NULL,"c:\myfile.exe",
> NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE,
> NULL,NULL,&si,&UserModeProcessInfo);
>
> The code runs in a service running as LocalSystem. I want the process
> to run as LocalSystem also (I know the security risks).
>
> If the active console session ID is 0, the code always works. If non-
> zero (1, 2, 3, etc), only one on XP system the CreateProcessAsUser
> fails and GetLastError() returns 2 (file not found). I can add a
> check right before that call to see if the file exists, and it does.
> I can change form myfile.exe to notepad.exe or some other system EXE,
> and get the same results. If I force to code to always use session ID
> 0 then it also works, but of course the app runs on the wrong session
> (I want it on the active console session).
>
> So obviously there is some issue related to a service (running in
> session 0, since this is XP), starting a process under another
> session. Weird that the error is 2, and not something like 5 (access
> denied).
>
> Or is there a better method to have a service that runs apps under the
> current console session, and runs those apps as LocalSystem? All of
> the examples I've found on MSDN use LogonUser or WTSQueryUserToken to
> "display UI from a service", but in my case I really need/want the
> process to run as LocalSystem, not as the active user.

From: eselk2003 on
On Dec 4, 5:46 am, "Boris" <spa...(a)nospam.net> wrote:
> Line:
>
> CreateProcessAsUser(dt,NULL,"c:\myfile.exe",...
>
> - has a typo. You should use double backslash inside quoted string.

Sorry, I just typed that wrong when posting, but in my actual code it
is typed correctly. If it wasn't, then my code wouldn't work on any
platform. Anyway, since I didn't get any other answers, I'm guessing
no one else has seen this issue and doesn't have any ideas of how to
fix it. So far we've tested on about 100 PCs, and only found 1 with
the issue, so obviously it isn't very common.