我有一个带有一些遗留代码的程序,可以执行以下操作来关闭窗口:
ManagementClass mc = new ManagementClass( "Win32_OperatingSystem" );
mc.Get();
mc.Scope.Options.EnablePrivileges = true;
ManagementBaseObject mboShutdown = mc.GetMethodParameters( "Win32Shutdown" );
mboShutdown["Flags"] = "5"; // shutdown + force
mboShutdown["Reserved"] = "0";
foreach( ManagementObject mbo in mc.GetInstances() )
{
mbo.InvokeMethod( "Win32Shutdown", mboShutdown, null );
}
这是一个.NET 3.5应用程序,它没有问题。最近,依赖项升级需要将目标框架提升到4.0客户端配置文件。现在,每当代码运行时,我都会遇到以下异常:
System.Management.ManagementException: "Privilege not held."
应用程序在Windows 7上的管理员帐户下运行,除了更新此软件之外没有任何变化。
我在搜索解决方案时能够找到的唯一信息是关于.NET 1.1的一些非常老的错误报告,以及msdn上从未回答的以下线程: http://social.msdn.microsoft.com/Forums/vstudio/en-US/fa0bcae5-6f30-42b6-bb5f-b8a6edb88ac4/encountered-privillege-not-held-exception-when-rebooting-the-server-in-net40-framewrk
有谁知道这个问题的原因是什么?我是否需要停止使用WMI和PInvoke InitiateSystemShutdownEx或类似的东西?
答案 0 :(得分:2)
好的,所以它可能与SE_SHUTDOWN_NAME特权有关。我不确定它为什么在.NET 3.5而不是.NET 4.0下运行,但以下解决方法有效:
[StructLayout( LayoutKind.Sequential, Pack = 1 )]
internal struct TokPriv1Luid
{
public int Count;
public long Luid;
public int Attr;
}
[DllImport( "kernel32.dll", ExactSpelling = true )]
internal static extern IntPtr GetCurrentProcess();
[DllImport( "advapi32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool OpenProcessToken( IntPtr h, int acc, ref IntPtr phtok );
[DllImport( "advapi32.dll", SetLastError = true )]
internal static extern bool LookupPrivilegeValue( string host, string name, ref long pluid );
[DllImport( "advapi32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool AdjustTokenPrivileges( IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen );
[DllImport( "user32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool ExitWindowsEx( int flg, int rea );
public const int SE_PRIVILEGE_ENABLED = 0x00000002;
public const int TOKEN_QUERY = 0x00000008;
public const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public const string SE_SHUTDOWN_NAME = "SeShutdownPrivilege";
public const int EWX_LOGOFF = 0x00000000;
public const int EWX_SHUTDOWN = 0x00000001;
public const int EWX_REBOOT = 0x00000002;
public const int EWX_FORCE = 0x00000004;
public const int EWX_POWEROFF = 0x00000008;
public const int EWX_FORCEIFHUNG = 0x00000010;
public static bool DoExitWin( int flg )
{
TokPriv1Luid tp;
var hproc = GetCurrentProcess();
var htok = IntPtr.Zero;
OpenProcessToken( hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok );
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
LookupPrivilegeValue( null, SE_SHUTDOWN_NAME, ref tp.Luid );
AdjustTokenPrivileges( htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero );
return ExitWindowsEx( flg, 0 );
}
我还没有尝试过,但我的猜测是在使用AdjustTokenPrivileges调用后WMI调用也可能有效。
答案 1 :(得分:0)
应用了Microsoft安全更新指南CVE-2017-0160中所述的2017年4月安全更新后,PowerShell v3.0 + stop-computer命令失败。此外,如果应用程序使用Win32_OperatingSystem类中的电源管理方法(如关机或重新启动),并将EnablePrivileges属性设置为true,则它们可能会遇到相同的故障。返回“未保留特权”错误消息。
使用Win32_OperatingSystem类的电源管理方法(例如关机或重新启动)的客户应用程序将EnablePrivileges属性设置为true时,可能会出现相同的“未保留特权”错误
示例2(C#代码)返回“未保留特权”错误:
[STAThread]
static void Main(string[] args)
{
ManagementClass mgmtObject = new ManagementClass("Win32_OperatingSystem");
foreach (ManagementObject iterMgmtObject in mgmtObject.GetInstances())
{
iterMgmtObject.Scope.Options.EnablePrivileges = true;
iterMgmtObject.InvokeMethod("Reboot", null, null);
}
}
要解决此问题,请安装更新程序。 article中的更多内容。