Im currently writing an application in VB.NET which is to run as a service as SYSTEM and be allowed to interact with the desktop. This service acts as an overseer for a number of corporate desktops and laptops. The plan is for it to be able to run applications in the SYSTEM context, in the context of the currently logged on user, local administrator or a domain user. These applications will typically be configuration scripts and applications.
The one Im having problems with is running it as the local interactive user. Heres what Im currently doing:
* Find process handle to INFOUTIL.EXE using Process.GetProcessesByName("infoutil"). This EXE is a utility written in VB6 which is installed on all clients and runs in the context of the user.
* Use OpenProcessToken(infoutilHandle, &H1FF, userHandle) to get the user token
* Launch application using CreateProcessAsUser(userHandle, strAppName, strcmd, sec1, sec2, False, 0, environ, strWkDir, InfoUtilStartupInfo, newprocess)
The error which is given by CreateProcessAsUser is 5: Access is denied. Ive read about process and ACLs but am unsure whether this is the issue. Any assistance, URLs etc will be appreciated.
Code is attached.
The one Im having problems with is running it as the local interactive user. Heres what Im currently doing:
* Find process handle to INFOUTIL.EXE using Process.GetProcessesByName("infoutil"). This EXE is a utility written in VB6 which is installed on all clients and runs in the context of the user.
* Use OpenProcessToken(infoutilHandle, &H1FF, userHandle) to get the user token
* Launch application using CreateProcessAsUser(userHandle, strAppName, strcmd, sec1, sec2, False, 0, environ, strWkDir, InfoUtilStartupInfo, newprocess)
The error which is given by CreateProcessAsUser is 5: Access is denied. Ive read about process and ACLs but am unsure whether this is the issue. Any assistance, URLs etc will be appreciated.
Code is attached.