Prev: DTN_DATETIMECHANGE Sent Twice to Date and Time Picker.
Next: Transparent, Editbox, HOLLOW_BRUSH, Marking text?
From: Sonic.. on 15 Sep 2008 07:24 Thanks Uwe, Your trick worked, i was successfully able to impersonate on all operating systems. In Vista, it was the token of the non elevated process i was receiving. and i did found the API's WTSGetActiveConsoleSessionId and WTSQueryUserToken useful. Thank you On Sep 8, 3:34 pm, Uwe Sieber <m...(a)uwe-sieber.de> wrote: > Uwe Sieber wrote: > > Sonic.. wrote: > >> Hello, > > >> I am trying to access a network file and edit that file using > >> impersonation from an local service. > >> i use the pid of explorer.exe and obtains it's handle to pass to > >> OpenProcessToken. > >> Then i use the token obtained, to pass to ImpersonateLoggedOnUser(). > > >> Once impersonated i use CreateFile to open an existting network file. > >> The call fails with error Logon Failure: unknown username or > >> password. > > >> This is happening only in Vista. In 2000, XP and 2003 the code is > >> working fine. > > >> Below is the code that i've used. Please tell me why is the above > >> happening in Vista > > > Stealing the Explorer's token is required under W2K only. > > Since XP the terminal API has some new functions: > > > DWORD id = WTSGetActiveConsoleSessionId(); > > WTSQueryUserToken(id, &hToken); > > > Remember that the functions are not aviallable under W2K, > > so load them at runtime. > > And under Vista you might deal with UAC, so there are two > tokens, maybe only the elveated one has access to your > network ressource. WTSQueryUserToken returns the non elevated. > Get the elevated by GetTokenInformation called with > TokenLinkedToken. > > Uwe |