我已经在这几天了。看来我可以以管理员身份登录,但是现在当我尝试运行程序时,我在创建对象时遇到错误。在WqlEventQuery q = new WqlEventQuery(" Win32_ProcessStartTrace");或者其中任何一个。
"错误:80070542未提供所需的模拟级别,或者提供的模拟级别无效。" 我在下面包含了cs文件。
在whoAmI可用的浏览器中,他们在我登录用户之前就像预期的一样,我自己和whoAmI显示管理员之后。并且logonuser返回true。所以我以管理员身份登录,但我仍然没有权利?
using System;
using System.Collections.Generic;
using System.ComponentModel;
using System.Data;
using System.Drawing;
using System.Linq;
using System.Text;
using System.Windows.Forms;
using MySql.Data;
using System.Management;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Security.Permissions;
using Microsoft.Win32.SafeHandles;
using System.Runtime.ConstrainedExecution;
using System.Security;
namespace WTA5
{
public partial class Form1 : Form
{
[DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
public static extern bool LogonUser(String lpszUsername, String lpszDomain, String lpszPassword,
int dwLogonType, int dwLogonProvider, out SafeTokenHandle phToken);
[DllImport("kernel32.dll", CharSet = CharSet.Auto)]
public extern static bool CloseHandle(IntPtr handle);
SafeTokenHandle safeTokenHandle;
public Form1()
{
InitializeComponent();
try
{
try
{
string whoAmI = WindowsIdentity.GetCurrent().Name; //whoAmI is now my login name
const int LOGON32_LOGON_INTERACTIVE = 2, LOGON32_LOGON_NETWORK = 3, LOGON32_LOGON_BATCH = 4,
LOGON32_LOGON_SERVICE = 5, LOGON32_LOGON_UNLOCK = 7, LOGON32_LOGON_NETWORK_CLEARTEXT = 8,
LOGON32_LOGON_NEW_CREDENTIALS = 9;
const int LOGON32_PROVIDER_DEFAULT = 0, LOGON32_PROVIDER_WINNT35 = 1, LOGON32_PROVIDER_WINNT40 = 2, LOGON32_PROVIDER_WINNT50 = 3;
string userName = "\\\\administrator";
string domainName = "\\\\localhost";
bool returnValue =
LogonUser(userName, domainName, "happyhappy",
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,
out safeTokenHandle);
using (safeTokenHandle)
{
using (WindowsIdentity newId = new WindowsIdentity(safeTokenHandle.DangerousGetHandle()))
{
using (WindowsImpersonationContext impersonatedUser = newId.Impersonate())
{
whoAmI = WindowsIdentity.GetCurrent().Name; //whoAmI is now administrator
//ManagementScope scope = new ManagementScope("root\\CIMV2");
//scope.Options.EnablePrivileges = true;
//scope.Options.Impersonation = ImpersonationLevel.Impersonate;
WqlEventQuery q = new WqlEventQuery("Win32_ProcessStartTrace");
using (ManagementEventWatcher w = new ManagementEventWatcher(q)) //removed scope for testing was (scope,q)
{ w.EventArrived += new EventArrivedEventHandler(ProcessEventStarted); w.Start(); }
WqlEventQuery r = new WqlEventQuery("Win32_ProcessStopTrace");
using (ManagementEventWatcher w = new ManagementEventWatcher(r)) //removed scope for testing was (scope,q)
{ w.EventArrived += new EventArrivedEventHandler(ProcessEventExited); w.Start(); }
}
}
}
}
catch (Exception xe)
{
xe = xe;
}
}
catch (Exception ex)
{
Console.WriteLine("Exception occurred. " + ex.Message);
}
}
public void ProcessEventStarted(object sender, EventArrivedEventArgs e)
{
}
private void ProcessEventExited(object sender, EventArrivedEventArgs e)
{
}
public sealed class SafeTokenHandle : SafeHandleZeroOrMinusOneIsInvalid
{
private SafeTokenHandle()
: base(true)
{
}
[DllImport("kernel32.dll")]
[ReliabilityContract(Consistency.WillNotCorruptState, Cer.Success)]
[SuppressUnmanagedCodeSecurity]
[return: MarshalAs(UnmanagedType.Bool)]
private static extern bool CloseHandle(IntPtr handle);
protected override bool ReleaseHandle()
{return CloseHandle(handle);}
}
}
}
由于 戴夫。