tl / dr:我正在寻找一种方法来运行程序作为当前从以Local System Account启动的服务登录的用户。
长版:
跟进:Get current username from a program started as Local System Account
我的程序是从运行为Local System Account的服务启动的。
此服务在Windows启动时启动,基本上为某些硬件按钮提供功能,例如显示屏幕键盘。我的程序也分配给其中一个按钮,但仅在实际用户登录时才可用。
它的作用是使用硬件摄像头拍照并将其存储在文件系统的某个位置,这样工作正常,但我无法将图片存储在网络路径上,这是可以理解的,因为这样做需要认证
如果程序直接以登录用户身份启动,则此身份验证可用,并且在网络路径上存储文件可以正常工作。
有什么方法可以解决这个问题吗?
我首选的解决方案是以当前登录的用户身份启动程序,而无需在某处存储密码和用户名。
在其他网站上找到工作解决方案 http://chabster.blogspot.com/2008/01/run-as-interactive-user-from-service.html
stdafx.h:
#include <WtsApi32.h>
#pragma comment(lib, "WtsApi32.lib")
#include <Userenv.h>
#pragma comment(lib, "Userenv.lib")
RunAsInteractiveUser函数:
BOOL bRet;
HRESULT hr;
HANDLE processToken = NULL;
TOKEN_PRIVILEGES oldTokenPrivileges = { 0 };
HANDLE impersonationToken = NULL;
HANDLE userToken = NULL;
LPVOID pEnvironment = NULL;
PROCESS_INFORMATION processInformation = { 0 };
__try {
bRet = OpenProcessToken(GetCurrentProcess(),
TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, &processToken);
if (!bRet) {
hr = GetLastError();
return hr;
}
// This step might not be necessary because
// SeTcbPrivilege is enabled by default for Local System
LUID luid;
bRet = LookupPrivilegeValue(NULL, _T("SeTcbPrivilege"), &luid);
if (!bRet) {
hr = GetLastError();
return hr;
}
TOKEN_PRIVILEGES adjTokenPrivileges = { 0 };
adjTokenPrivileges.PrivilegeCount = 1;
adjTokenPrivileges.Privileges[0].Luid = luid;
adjTokenPrivileges.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
DWORD dwOldTPLen;
bRet = AdjustTokenPrivileges(processToken, FALSE,
&adjTokenPrivileges, sizeof(TOKEN_PRIVILEGES),
&oldTokenPrivileges, &dwOldTPLen);
if (bRet) {
hr = GetLastError();
if (hr == ERROR_SUCCESS);
else if (hr == ERROR_NOT_ALL_ASSIGNED) {
// Enabled by default
}
}
else {
hr = GetLastError();
return hr;
}
DWORD conSessId = WTSGetActiveConsoleSessionId();
if (conSessId == 0xFFFFFFFF) {
// There is no session attached to the console
return ERROR_SUCCESS;
}
bRet = WTSQueryUserToken(conSessId, &impersonationToken);
if (!bRet) {
hr = GetLastError();
return hr;
}
bRet = DuplicateTokenEx(impersonationToken, MAXIMUM_ALLOWED, NULL,
SecurityIdentification, TokenPrimary, &userToken);
if (!bRet) {
hr = GetLastError();
return hr;
}
STARTUPINFO si = { 0 };
si.cb = sizeof(STARTUPINFO);
si.lpDesktop = _T("winsta0\\default");
bRet = CreateEnvironmentBlock(&pEnvironment, userToken, TRUE);
if (!bRet) {
hr = GetLastError();
return hr;
}
bRet = CreateProcessAsUser(userToken, _T("C:\\Windows\\notepad.exe"),
NULL, NULL, NULL, FALSE, CREATE_UNICODE_ENVIRONMENT,
pEnvironment, NULL, &si, &processInformation);
if (!bRet) {
hr = GetLastError();
return hr;
}
}
__finally {
if (processInformation.hThread) {
CloseHandle(processInformation.hThread);
}
if (processInformation.hProcess) {
CloseHandle(processInformation.hProcess);
}
if (pEnvironment) {
bRet = DestroyEnvironmentBlock(pEnvironment);
}
if (userToken) {
CloseHandle(userToken);
}
if (impersonationToken) {
CloseHandle(impersonationToken);
}
if (processToken) {
bRet = AdjustTokenPrivileges(processToken,
FALSE, &oldTokenPrivileges, sizeof(TOKEN_PRIVILEGES), NULL, NULL);
CloseHandle(processToken);
}
}