Prev: Same RGB different color
Next: Need to know about good C++ Reflection API (For RuntimeType Identification -RTTI and runtime calling)
From: greenfish on 26 May 2010 05:16
i want to launch my UI Program without UAC with high integrity level
called by my service app(system account).

how can it be possible?
(it must be same priviledge and token between UAC and no-UAC)
From: Jackie on 26 May 2010 06:23
On 5/26/2010 11:16, greenfish wrote:
> i want to launch my UI Program without UAC with high integrity level
> called by my service app(system account).
>
> how can it be possible?
> (it must be same priviledge and token between UAC and no-UAC)

Running your service with system privileges sounds a little dangerous
but I have once needed this myself.

The process would be similar to this:

sessionId = Get session ID for currently logged on user
userToken = Get user token from sessionId
tokenElevationInfo = Get userToken's elevation information - I don't
remember whether this is needed but I checked if the _token is not
elevated_ before doing the next step.
tokenLinkedTokenInfo = Get userToken's linked token information (this is
info for the elevated token)
elevatedUserToken = tokenLinkedTokenInfo's linked token

Now you have the user's elevated token (elevatedUserToken) and can use
that when calling CreateProcessAsUser.

APIs for you to look up:

WTSGetActiveConsoleSessionId
WTSQueryUserToken
GetTokenInformation
From: Jackie on 29 May 2010 06:02
On 5/26/2010 12:23, Jackie wrote:
> On 5/26/2010 11:16, greenfish wrote:
>> i want to launch my UI Program without UAC with high integrity level
>> called by my service app(system account).
>>
>> how can it be possible?
>> (it must be same priviledge and token between UAC and no-UAC)
>
> Running your service with system privileges sounds a little dangerous
> but I have once needed this myself.
>
> The process would be similar to this:
>
> sessionId = Get session ID for currently logged on user
> userToken = Get user token from sessionId
> tokenElevationInfo = Get userToken's elevation information - I don't
> remember whether this is needed but I checked if the _token is not
> elevated_ before doing the next step.
> tokenLinkedTokenInfo = Get userToken's linked token information (this is
> info for the elevated token)
> elevatedUserToken = tokenLinkedTokenInfo's linked token
>
> Now you have the user's elevated token (elevatedUserToken) and can use
> that when calling CreateProcessAsUser.
>
> APIs for you to look up:
>
> WTSGetActiveConsoleSessionId
> WTSQueryUserToken
> GetTokenInformation

Did you get this sorted out? Would be nice to know if it helped you or not.
 | 
Pages: 1
Prev: Same RGB different color
Next: Need to know about good C++ Reflection API (For RuntimeType Identification -RTTI and runtime calling)