Re: Authenticate user
- From: "Hieu Le Trung" <hieult@xxxxxxxxxxxxxxxx>
- Date: Fri, 13 Jan 2006 09:05:26 +0700
Hi,
No, i mean that i'm logged in as a user (User privilege) and i want to start
a process as Administrator or impersonate Administrator user to modify
registry key of HKEY_LOCAL_MACHINE.
The function LogonUser is working fine for Windows XP or above, but with
Windows 2000 this function require SE_TCB_NAME privilege enable for the
user.
Any other ways that i can log on as an Administrator and modify registry key
of HKEY_LOCAL_MACHINE (as when you logged on as a user, and go to User
Management in Control Panel, and there'll open a dialog for you enter user
name and password of an Administrator, and then it'll start the User
Management with Administrator privilege)
Thanks
Hieu Le
"Kellie Fitton" <KELLIEFITTON@xxxxxxxxx> wrote in message
news:1136072723.280516.41800@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
> Hi,
>
> Well, if you want your process to impersonate the loggedOn user,
> then you need the token handle that represents that user, and if
> you obtain this token handle by using the following API's:
>
> GetCurrentProcess()
> OpenProcessToken()
>
> then that token will only represent the current process and its
> privileges, however, the proper approach of obtaining a token
> handle that represents the loggedOn user, and launching your own
> executable program under the user's security context privileges,
> is by simply using the following API's:
>
> LogonUserEx()
> ImpersonateLoggedOnUser()
> CreateEnvironmentBlock()
> GetUserProfileDirectory()
> LoadUserProfile()
> CreateProcessAsUser()
>
> Then,
>
> DestroyEnvironmentBlock()
> UnloadUserProfile()
> RevertToSelf()
> CloseHandle()
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthn/security/logonuserex.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/impersonateloggedonuser.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/createenvironmentblock.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/getuserprofiledirectory.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/loaduserprofile.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dllproc/base/createprocessasuser.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/destroyenvironmentblock.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/policy/policy/unloaduserprofile.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/secauthz/security/reverttoself.asp
>
> http://msdn.microsoft.com/library/default.asp?url=/library/en-us/sysinfo/base/closehandle.asp
>
> Hope these information helps,
>
> Kellie.
>
.
- Follow-Ups:
- Re: Authenticate user
- From: Joe Kaplan \(MVP - ADSI\)
- Re: Authenticate user
- Prev by Date: Coredll patch for Windoxs CE 4.21
- Next by Date: Re: Using RevertToSelf in DLL to be used from classic ASP webapplication
- Previous by thread: Coredll patch for Windoxs CE 4.21
- Next by thread: Re: Authenticate user
- Index(es):
Relevant Pages
|
