Re: Impersonating from a non admin user account

---

• From: Stefan Kuhr <kustt110@xxxxxx>
• Date: Tue, 31 Jul 2007 17:38:20 +0200

---

Hello Pradeep,

pradeep wrote:

I am trying to impersonate another user from a non admin account, but my code fails at 'LoadUserProfile' giving error 1314 : ERROR_PRIVILEGE_NOT_HELD

How do I elevate the privilege of process so that it performs the Impersonation?

Code:
if(!LogonUser(ui.userName,
pDomain,
ui.userPassword,
LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT,
&tmpToken))
{
return FALSE;
}

memset (&pInfo, 0, sizeof (pInfo));
pInfo.dwSize = sizeof (pInfo);
pInfo.dwFlags = PI_NOUI;
_tcscpy (tmpBuf, (LPCTSTR)ui.userName);
pInfo.lpUserName = tmpBuf;

****This is where it fails,//same code works for admin account
if(!LoadUserProfile (tmpToken, &pInfo))
AfxMessageBox(_T("LoadUserProfile failed"));
if(!ImpersonateLoggedOnUser(tmpToken))
AfxMessageBox(_T("ImpersonateLoggedOnUser failed"));

I also tried using API's:
OpenProcessToken
LookupPrivilegeValue
AdjustTokenPrivileges (I there any API to add a privilege)
But I think this is to adjust already existing privileges.

Basically how do i Impersonate another user from a non-admin account?

Have you tried reverting the order of your LoadUserProfile and ImpsersonateLoggedOnUser calls?

--
Stefan
.

---

• Prev by Date: Re: Writing a Smart Card Minidriver (on PKCS#11)
• Next by Date: Re: Writing a Smart Card Minidriver (on PKCS#11)
• Previous by thread: Re: CPSetKeyParam question
• Next by thread: Re: Impersonating from a non admin user account
• Index(es):
  • Date
  • Thread

---

Relevant Pages The Weakness of Windows Impersonation Model ... The Weakness of Windows Impersonation Model ... Network Service account’s context is elevated to LocalSystem. ... unauthorized privilege elevation. ... (Bugtraq) Re: The Weakness of Windows Impersonation Model ... I believe Longhorn/Vista will address many of issues that currently affect impersonation. ... A context of MS SQL service running as unique user account is ... unauthorized privilege elevation. ... (Bugtraq) Re: Impersonation and UNC network resources ... need the "Act as part of the operating system" privilege to call it under ... only the SYSTEM account has this. ... privilege to any account you want to, but be very careful about that as it ... Another option for you would be using impersonation with Kerberos delegation ... (microsoft.public.dotnet.framework.aspnet.security) Re[2]: The Weakness of Windows Impersonation Model ... keep their impersonation tokens for a while. ... A context of MS SQL service running as unique user account is ... unauthorized privilege elevation. ... (Bugtraq) Re: Impersonation using WindowsIdentity( upn ) ctor ... are using under the hood when you use the WindowsIdentity "UPN" ctor. ... the token returned by the API will either be an Impersonation ... Only accounts with with that privilege can create an ... only the SYSTEM account has ... (microsoft.public.dotnet.security)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint

www.derkeiler.com  > Newsgroups  > microsoft.public.platformsdk.security  > 2007-07