Security problems using XP SP2 - Windows NT

This is a discussion on Security problems using XP SP2 - Windows NT ; I've got a service running as Local System account that calls CreateProcessWithLogonW to run a script as a certain administrator account. Like so: STARTUPINFOW si; PROCESS_INFORMATION pi; ZeroMemory( &si, sizeof(si) ); si.cb = sizeof(si); ZeroMemory( &pi, sizeof(pi) ); CreateProcessWithLogonW( L"admin", ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Security problems using XP SP2

  1. Security problems using XP SP2

    I've got a service running as Local System account that calls
    CreateProcessWithLogonW to run a script as a certain administrator account.
    Like so:
    STARTUPINFOW si;
    PROCESS_INFORMATION pi;

    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);
    ZeroMemory( &pi, sizeof(pi) );

    CreateProcessWithLogonW(
    L"admin", // username
    NULL, // domain
    L"admin", // password
    0, // logon flags
    NULL, // No application name (use command line)
    &command[0], // command line
    0, // No creation flags.
    NULL, // Use parent's environment block.
    NULL, // Use parent's starting directory.
    &si, // Pointer to STARTUPINFO structure.
    &pi ) // Pointer to PROCESS_INFORMATION structure.
    )

    This worked fine until Service Pack 2 was installed, now the call fails with
    'Access is denied'. However, if i change the service to run as the same
    'admin' account used in the Create.. call there is no problem. I'd rather
    not have to do this.

    Anyone else had similar problems and know of a better (proper) solution??


    Thanks in advance
    Paul



  2. Re: Security problems using XP SP2

    On Mon, 20 Jun 2005 17:16:09 +0100, "Paul Woodman" wrote:

    I've got a service running as Local System account that calls
    CreateProcessWithLogonW to run a script as a certain administrator account.
    Like so:
    STARTUPINFOW si;
    PROCESS_INFORMATION pi;

    ZeroMemory( &si, sizeof(si) );
    si.cb = sizeof(si);
    ZeroMemory( &pi, sizeof(pi) );

    CreateProcessWithLogonW(
    L"admin", // username
    NULL, // domain
    L"admin", // password
    0, // logon flags
    NULL, // No application name (use command line)
    &command[0], // command line
    0, // No creation flags.
    NULL, // Use parent's environment block.
    NULL, // Use parent's starting directory.
    &si, // Pointer to STARTUPINFO structure.
    &pi ) // Pointer to PROCESS_INFORMATION structure.
    )

    This worked fine until Service Pack 2 was installed, now the call fails with
    'Access is denied'. However, if i change the service to run as the same
    'admin' account used in the Create.. call there is no problem. I'd rather
    not have to do this.

    Anyone else had similar problems and know of a better (proper) solution??

    Looks like this blurb was added to the function call doc:

    "Windows XP SP2 and Windows Server 2003: You cannot call CreateProcessWithLogonW from a process
    that is running under the LocalSystem account, because the function uses the logon SID in the caller
    token, and the token for the LocalSystem account does not contain this SID. As an alternative, use
    the CreateProcessAsUser and LogonUser functions."


    Paul
    ~~~~
    Microsoft MVP (Visual Basic)

+ Reply to Thread