Re: CreateProcessWithLogonW on Server 2003

From: Vincent Finn (1_at_2.com)
Date: 07/12/04

  • Next message: Azar: "NPLogonNotify return value of WN_NO_NETWORK"
    Date: Mon, 12 Jul 2004 16:37:13 +0100
    
    

    On Wed, 7 Jul 2004 16:46:42 -0700, "Yu Chen [MS]"
    <yuchen@online.microsoft.com> wrote:

    >That's a known issue in Windows Server 2003 - the CreateProcessWithLogonW
    >API is changed to better handle the new process' use of desktop by utilizing
    >"Logon Sid" in the caller's token. However the local system token (under
    >which your service is running) doesn't have a "Logon sid" so the API failed
    >when caller is local system.
    >
    >If the caller is local system, you can use LogonUser and CreateProcessAsUser
    >to achieve the same thing.

    That sorted it, thanks.

    LogonUser only seems to work if I use 'LOGON32_LOGON_INTERACTIVE'
    rather than 'LOGON32_LOGON_BATCH'

    any idea why that might be?

            Vin


  • Next message: Azar: "NPLogonNotify return value of WN_NO_NETWORK"

    Relevant Pages

    • Re: CreateProcessWithLogonW on Server 2003
      ... I have a similar problem and have looked on LogonUser and CreateProcessAsUser but I can't find out how to write the code. ... > If the caller is local system, you can use LogonUser and CreateProcessAsUser ...
      (microsoft.public.platformsdk.security)
    • Re: How to avoid an "access denied" when setting PriorityClass
      ... I don't believe that "logonuser" can help with this (what's the Local System ... runs under a user account, and that user is the one assocaited with the ... Impersonate method (the documentation for the Impersonate method should have ...
      (microsoft.public.dotnet.languages.csharp)
    • Re: CreateProcessWithLogonW on Server 2003
      ... When LogonUser failed, what error code did GetLastError return? ... grant the SeBatchLogon right to the account. ... However the local system token (under ...
      (microsoft.public.platformsdk.security)