我想在远程计算机上连接时冒充用户。我能够连接远程机器甚至能够启动一个过程。但在那之后,当我检查activeconsolesession时,它返回我的本地机器活动会话,而不是远程计算机。(已经连接到远程机器)。这是我的代码
public void impersonateSystem()
{
IntPtr tokenHandle = IntPtr.Zero;
IntPtr hUserToken = IntPtr.Zero;
ConnectionOptions conn = new ConnectionOptions();
conn.Impersonation = ImpersonationLevel.Impersonate;
conn.EnablePrivileges = true;
string remote="window-PC";
conn.Username = "administrator";
conn.Password = "pass";
conn.EnablePrivileges = true;
ManagementScope manScope = new ManagementScope(String.Format(@"\\{0}\ROOT\CIMV2",remote ), conn);
manScope.Connect();
conn.EnablePrivileges = true;
ObjectGetOptions objectGetOptions = new ObjectGetOptions();
ManagementPath managementPath = new ManagementPath("Win32_Process");
ManagementClass processClass = new ManagementClass(manScope, managementPath, objectGetOptions);
ManagementBaseObject inParams = processClass.GetMethodParameters("Create");
inParams["CommandLine"] = "cmd.exe 'C:\\v.exe'" ;
ManagementBaseObject outParams = processClass.InvokeMethod("Create", inParams, null);
Console.WriteLine("Creation of the process returned: " + outParams["returnValue"]);
Console.WriteLine("Process ID: " + outParams["processId"]);
PROCESS_INFORMATION pi1;
var si1 = new STARTUPINFO();
var sa1 = new SECURITY_ATTRIBUTES();
si1.cb = Marshal.SizeOf(si);
si1.lpDesktop = "winsta0\\default";
uint dwCreationFlags1 = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;
IntPtr pEnv1 = IntPtr.Zero;
uint dwSessionId = WTSGetActiveConsoleSessionId();
WTSQueryUserToken(dwSessionId, ref hUserToken);
WindowsIdentity who1 = new WindowsIdentity(hUserToken);
who1.Impersonate();
bool bResult = CreateProcessAsUser(hUserToken,"C:\\pr.exe",null, ref sa1,ref sa1,false,(int)dwCreationFlags1,pEnv1,null,ref si1, out pi1);
Console.WriteLine(WindowsIdentity.GetCurrent().Name);
CloseHandle(hUserToken);
CloseHandle(tokenHandle);
impersonationEnabled = true;
}
}
}
为什么WTSGetActiveConsoleSessionId();正在返回本地活动控制台会话而非远程活动控制台会话。