Search code examples
cwinapirunasredmon

WinAPI C - RunAsUser from REDMON_USER and REDMON_SESSIONID


I installed a PostScript printer driver and have setup REDMON (redmonnt.dll) for redirecting postscript output to my program. In my rather simple c program I capture the data from STDIN and I am able to successfully save it into a .ps file. The file looks OK.

However, I want to start gsview.exe for viewing the file. If I call ShellExecute it fails in Windows 7 because of permission issues. It seems that my program is called under a different user account (LOCAL SERVICE). So I am looking for a way to run gsview.exe under a specific username (the user who initiated the print job) which is available to the program in a variable called REDMON_USER along with the SESSIONID as well.

Q: What are the minimum WinAPI calls required to start a program given a username and a sessionid?

Any code examples in C/C++, .NET would be very helpful.

EDIT: What I am trying accomplish is something very similar to redrunee (from redmonee). I don't want to use redrunee because it opens about a console window for a brief moment.

Note: 1) The program is called by the printer service as [LOCAL SERVICE] account. 2) The first parameter Username (REDMON_USER), in effect, points to the user currently looking at the screen


Solution

  • Look at CreateProcessAsUser.

    Also look at CreateProcessWithLogonW and CreateProcess.

    They are linked from the CreateProcessAsUser

    EDIT In reply to comments by OP.

    Follow advice from this thread.

    I am copying this here verbatim, in case the original link stops working:

    The same code works for us on Vista as on XP, etc. The service is running as the Local System.

    1. use WTSGetActiveConsoleSessionId to get the ID of the current active Windows session at the console (i.e. the machine keyboard and display, as opposed to WTS sessions).

    2. use WTSQueryUserToken to get the token for that session.

    3. use DuplicateTokenEx(hToken,MAXIMUM_ALLOWED,NULL,SecurityIdentification,TokenPrimary, &hTokenDup) to duplicate that token.

    4. use CreateEnvironmentBlock to create an environment that you will be passing to the process.

    5. use CreateProcessAsUser with the duplicated token and the created environment. Actually, we use CreateProcessAsUserW, since the A version had some sort of bug on some older systems.

    6. Don't forget to CloseHandle on the various tokens, etc, and to DestroyEnvironmentBlock the environment.

    Thank you efratian.

    PS. Oh joy of Windows programming, did not do it for quite a while. Now I remember why. The only thing that is close or even worse documented is OpenSSH programming.