From: matt_sykes on
On 24 Aug, 21:45, "Maxim S. Shatskih" <ma...(a)storagecraft.com.no.spam>
wrote:
> > I imagine the problem is because the kernel has not been authorised in
> > the same way as the shell once the user owning that share has logged
> > on.  What is your take on this?
>
> Your kernel code must be in the correct user thread context to make such SMB calls.
>
> --
> Maxim S. Shatskih
> Windows DDK MVP
> ma...(a)storagecraft.comhttp://www.storagecraft.com

Thought so. Unfortunately its called by a service, which runs in the
system account. I had thought of this already though but thanks for
verifying it.

In another product we hooked NtCreateTokan in order to do
impersonation but this isnt in this product.
From: matt_sykes on
On 25 Aug, 12:09, "Pavel A." <pave...(a)12fastmail34.fm> wrote:
> "matt_sykes" <zzeb...(a)hotmail.com> wrote in message
>
> news:fd566716-1ac7-403d-ad82-
> ........
>
> > In another product we hooked NtCreateTokan in order to do
> > impersonation but this isnt in this product.
>
> That's good - no need to repeat the traditional mantras about hooking :)
>
> -- pa

:) We found a 2003 server bug doing this a few months back.
From: matt_sykes on
On 24 Aug, 21:45, "Maxim S. Shatskih" <ma...(a)storagecraft.com.no.spam>
wrote:
> > I imagine the problem is because the kernel has not been authorised in
> > the same way as the shell once the user owning that share has logged
> > on.  What is your take on this?
>
> Your kernel code must be in the correct user thread context to make such SMB calls.
>
> --
> Maxim S. Shatskih
> Windows DDK MVP
> ma...(a)storagecraft.comhttp://www.storagecraft.com

I had a little play with calling the code from the kernel in a user
thread context (in a deviceioctl handler) and ZwQuerySecurityObject()
still returns ACCESS_DENIED. Did you have a different user thread
context in mind?