Re: SHFileOperation Problem



Hello Kellie,

First of all, thank you very much for your comprehensive reply!

I've been trying to have this work for a few hours now and don't seem to be
able to. Here is what I've got so far:

- LogonUserEx - OK
- ImpersonateLoggedOnUser - OK
- CreateProcessAsUser - "Client privileges not held" error

What I've been struggling with is on how to give the required privileges
to the user token. As I understand I need the following privileges/rights on
the user access token for the CreateProcessAsUser() function to work:

- TOKEN_QUERY
- TOKEN_DUPLICATE
- TOKEN_ASSIGN_PRIMARY

And the process that calls the CreateProcessAsUser() must have the
following privileges:

- SE_ASSIGNPRIMARYTOKEN_NAME
- SE_INCREASE_QUOTA_NAME

Now, the latter privileges I can definetly manage easily but I couldn't
find any way to give my Token (the one that I got as a result of the
LogonUserEx function) the required access rights (Query, Duplicate and
Assign Primary..) to be able to call the CreateProcessAsUser() function.

I'm sorry this newb post of mine but I really don't have any experience in
dealing with the Windows Security System. So I'm struggling quite a bit on
this area...

Thanks again for all the help,

Marcelo Grossi
.