Check out: murrayju.com
murrayju / createprocessasuser Goto Github PK
View Code? Open in Web Editor NEWCreates a process in a different Windows session
License: MIT License
Creates a process in a different Windows session
License: MIT License
Check out: murrayju.com
Hi Friends,
I am trying to write a windows service that will reconnect the vpn connection if disconnected, I have implemented your code, and it is working fine only when the users logs in immediately. Otherwise if no user is logged in to windows the service will not start. [see attached event viewer error]
I have tried delayed start, restart service after some time, but non works without users being logged in.
Is there any way to bypass that or something. I have done some reading, what about using CreateProcessWithLogonW, instead of CreateProcessAsUser. anyone tried anything like that.
Thank you very much in advance guys,
Kind Regards
Fatos, Kosovo
Hi,
I was trying to write a simple wrapper like you have here with DemoService but using TopShelf. Unfortunately, I cannot get it working. What I have is very simple:
class Program
{
static void Main(string[] args)
{
var rc = HostFactory.Run(x =>
{
Console.WriteLine("in run...");
x.Service<ServiceWrapper>(m =>
{
m.ConstructUsing(name => new ServiceWrapper());
m.WhenStarted((wrapper) => { Console.WriteLine("starting service..."); wrapper.Start(); });
m.WhenStopped((wrapper) => { wrapper.Stop(); });
});
x.EnableServiceRecovery(r =>
{
r.RestartService(0);
r.RestartService(1);
r.RestartService(1);
r.SetResetPeriod(1);
});
x.RunAsLocalService();
x.SetDescription("DemoServiceTopShelf");
x.SetDisplayName("DemoServiceTopShelf");
x.SetServiceName("DemoServiceTopShelf");
x.OnException(ex =>
{
Console.WriteLine("exception {0}", ex.Message);
});
});
var exitCode = (int)Convert.ChangeType(rc, rc.GetTypeCode());
Environment.ExitCode = exitCode;
}
}
class ServiceWrapper
{
public ServiceWrapper() { }
public void Start()
{
Console.WriteLine("Trying to launch calc.exe");
ProcessExtensions.StartProcessAsCurrentUser("calc.exe");
}
public void Stop() { }
}
So, I'm running VS as Administrator, and if I run this, the WTSQueryUserToken( )
call always returns zero.
So, I figured maybe I have to install the service first. TopShelf builds command line params for install/uninstall/start, etc. of the service. It installs fine:
DMSMonitorSvc.exe install
in run...
Configuration Result:
[Success] Name DemoServiceTopShelf
[Success] ServiceName DemoServiceTopShelf
Topshelf v4.0.0.0, .NET Framework v4.0.30319.42000
Running a transacted installation.
Beginning the Install phase of the installation.
Installing DemoServiceTopShelf service
Installing service DemoServiceTopShelf...
Service DemoServiceTopShelf has been successfully installed.
The Install phase completed successfully, and the Commit phase is beginning.
The Commit phase completed successfully.
The transacted install has completed.
If I try to start it in the Services tool, it fails with Windows could not start the DemoServiceTopShelf service on Local Computer. Error 5: Access is denied.
In event viewer, I see these events got logged related to it:
Special privileges assigned to new logon.
Subject:
Security ID: SYSTEM
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Privileges: SeAssignPrimaryTokenPrivilege
SeTcbPrivilege
SeSecurityPrivilege
SeTakeOwnershipPrivilege
SeLoadDriverPrivilege
SeBackupPrivilege
SeRestorePrivilege
SeDebugPrivilege
SeAuditPrivilege
SeSystemEnvironmentPrivilege
SeImpersonatePrivilege
SeDelegateSessionUserImpersonatePrivilege
And this event log:
An account was successfully logged on.
Subject:
Security ID: SYSTEM
Account Name: DESKTOP-F26HMBM$
Account Domain: WORKGROUP
Logon ID: 0x3E7
Logon Information:
Logon Type: 5
Restricted Admin Mode: -
Virtual Account: No
Elevated Token: Yes
Impersonation Level: Impersonation
New Logon:
Security ID: SYSTEM
Account Name: SYSTEM
Account Domain: NT AUTHORITY
Logon ID: 0x3E7
Linked Logon ID: 0x0
Network Account Name: -
Network Account Domain: -
Logon GUID: {00000000-0000-0000-0000-000000000000}
Process Information:
Process ID: 0x2b0
Process Name: C:\Windows\System32\services.exe
Network Information:
Workstation Name: -
Source Network Address: -
Source Port: -
Detailed Authentication Information:
Logon Process: Advapi
Authentication Package: Negotiate
Transited Services: -
Package Name (NTLM only): -
Key Length: 0
This event is generated when a logon session is created. It is generated on the computer that was accessed.
The subject fields indicate the account on the local system which requested the logon. This is most commonly a service such as the Server service, or a local process such as Winlogon.exe or Services.exe.
The logon type field indicates the kind of logon that occurred. The most common types are 2 (interactive) and 3 (network).
The New Logon fields indicate the account for whom the new logon was created, i.e. the account that was logged on.
The network fields indicate where a remote logon request originated. Workstation name is not always available and may be left blank in some cases.
The impersonation level field indicates the extent to which a process in the logon session can impersonate.
The authentication information fields provide detailed information about this specific logon request.
- Logon GUID is a unique identifier that can be used to correlate this event with a KDC event.
- Transited services indicate which intermediate services have participated in this logon request.
- Package name indicates which sub-protocol was used among the NTLM protocols.
- Key length indicates the length of the generated session key. This will be 0 if no session key was requested.
I have searched through past issues related to the Access Denied, but I don't see a concrete solution here. It is worth noting if you clone this repo and run the .bat scripts, it does work for me on the same machine.
Any insight into what might be going wrong?
Hi There,
I was wondering how is it possible to wait the process that has been started to exit and return the exit code, instead of process ID?
Great code worked perfectly,
I have need to run a program as Administrator. Here's what I am doing: A windows service running as Local System, launches an application on some event (USB related) which needs to run as admin, this program has a taskbar icon and other dialogs. The user logged in is also admin. I was able to drop in this code and it launched the program, the program was not able to access the admin parts.
Hi,
can you tell me how I can run Process with arguments?? I want run process under windows service, this process is WinForm and in Program.cs i use string[] args and set few options and when I example use s / stream ex. PrGP.exe -s then I want run one window in this program, when I use k / kurs ex. PrGP.exe -k then I want run different window in this program. When I use normal cmd then is ok, but when I try use your class like: ProcessExtensions.StartProcessAsCurrentUser("C:\OK\PrGP.exe", "-s") then this dont works :( im trying too like this ProcessExtensions.StartProcessAsCurrentUser("cmd", string.Format("{0} -s", "C:\OK\PrGP.exe")) and too don
t work. Link to class -> https://github.com/murrayju/CreateProcessAsUser now class Program in program where I choose windows looks like that http://screenshooter.net/102681996/xmmaqgr and here I try run like this: screenshooter.net/102681996/yrgurgq
ok problem solved, I had an error in the path of the setup program :)
I wonder if it would be possible to start the service and that service would start a process in session 1 weather or not user have logged on. The is one sample http://www.codeproject.com/Articles/35773/Subverting-Vista-UAC-in-Both-and-bit-Archite
That works win the following manner unfortunately starts the service as LocasService user which brings limitation.
My windows and c# is none existent . This is not the issue but a cry for help or at least guidance :)
Thanks in advance.
if (WTSQueryUserToken(activeSessionId, ref hImpersonationToken) != 0)
{
// Convert the impersonation token to a primary token
bResult = DuplicateTokenEx(hImpersonationToken, 0, IntPtr.Zero,
(int)SECURITY_IMPERSONATION_LEVEL.SecurityImpersonation, (int)TOKEN_TYPE.TokenPrimary,
ref phUserToken);
CloseHandle(hImpersonationToken);
}
WTSQueryUserToken return 0 and it fails to start process.
Hello.
Downloaded your project, unziped and compiled.
Added to windows services and after launching it was stoped.
Created windows form project with using ProcessExtension and started debug to find where is the problem.
Got Exception("StartProcessAsCurrentUser: GetSessionUserToken failed.");
As i undestand it's happening because application wasn't running within the context of the LocalSystem Account.
I can't debug the service as it crashes immediately.
How fix it?
I could not handle to handle creating process with arguments. For example: I wanna create process with portable chrome. But i wanna open a html file in kiosk mode. How can i open sample.html file in portable chrome exe with --kiosk argument?
I modified DemoService to run ProcessExtensions.StartProcessAsCurrentUser("cmd.exe", "/d /s /c \"node Path\\To\\file\"")
, I have installed it and it works perfect,
So I made an executable to receive the route to execute as a parameter by this way
private static int RunAndReturnExitCode(RunVerb opts)
{
string command = opts.commands.FirstOrDefault();
Console.WriteLine(command); // This prints -> node Path\To\file
if (command == null || command == "")
{
return 1;
}
ProcessExtensions.StartProcessAsCurrentUser("cmd.exe", $"/d /s /c \"{command}\"");
return 0;
}
I launch a CMD as System user using psexec
with this command PsExec64.exe -i -s cmd.exe
and at runnning the command CreateProcessAsUserCMD.exe --run "node Path\To\file"
it responses an error
System.Exception: StartProcessAsCurrentUser: CreateProcessAsUser failed. Error Code -2
en murrayju.ProcessExtensions.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) en C:\GitHub\CreateProcessAsUser\ProcessExtensions\ProcessExtensions.cs:l�nea 249
en CreateProcessAsUserCMD.Program.RunAndReturnExitCode(RunVerb opts)
en CreateProcessAsUserCMD.Program.<>c.<Main>b__0_0(RunVerb opts)
en CommandLine.ParserResultExtensions.MapResult[TSource,TResult](ParserResult`1 result, Func`2 parsedFunc, Func`2 notParsedFunc)
en CreateProcessAsUserCMD.Program.Main(String[] args)
I have tried to launch the executable from an installed service but it responses the same error.
Hi, I got the sample working fine under a service, but not when running as a normal app. So I understand there's a few more tokens as described here
https://devblogs.microsoft.com/oldnewthing/20190531-00/?p=102532
https://stackoverflow.com/questions/42717691/wtsqueryusertoken-returning-false
I'm just curious, why not set put this code in when WTSQueryUserToken fails?
Hi,
I try use this code in my program (C# console application,Visual Studio 2013) but when I try to build it, i get error:
'CreateProcessAsUser': member names cannot be the same as their enclosing type.
What I should to do to fix this ?
Hi all,
I've had great success so far with this script but am currently having issues using it to call Wscript.exe. I have something that looks like the following,
[Runasuser.ProcessExtensions]::StartProcessAsCurrentUser("$env:windir\System32\wscript.exe", "c:\temp\test.vbs")
In my mind this is meant to launch wscript with arg[1] as the input script however what happens is that Wscript is launched as if there were no input parameters. What am I missing here? Has anyone had success using wscript/cscript with this setup?
All responses are much appreciated
Hi,
It it possible to add redirection of the output and the error stream?
Thanks
WTSEnumerateSessions parameter ppSessionInfo must be freed by WTSFreeMemory.
See:
https://msdn.microsoft.com/en-us/library/aa383833(v=vs.85).aspx
https://msdn.microsoft.com/en-us/library/aa383834(v=vs.85).aspx
i want to run my wpf application through CreateProcessAsUser but its not running. why?
ProcessExtensions.StartProcessAsCurrentUser(@"C:\Program Files (x86)\myapp\WpfClient.exe");
Please provide need full help.
Thanks
In this line
if (WTSQueryUserToken(activeSessionId, ref hImpersonationToken) != 0)
the method WTSQueryUserToken return 0
First of all hanks a lot for your hard work.
But I got some errors, home you can help.
I run asp.net website on IIS as a service with Identity: LocalSystem
and I got this error "StartProcessAsCurrentUser: GetSessionUserToken failed"
on the next line:
uint dwCreationFlags = CREATE_UNICODE_ENVIRONMENT | (uint)(visible ? CREATE_NEW_CONSOLE : CREATE_NO_WINDOW);
Maybe can you help? Thanks
Hi,
Can you add an option to run the file with highest privileges (like "Run as Administrator")?
like in here:
http://www.codeproject.com/Articles/35773/Subverting-Vista-UAC-in-Both-and-bit-Archite
Thank you in advance
I'm sure I'm not doing something correct, here is what I've done. I downloaded the file CreateProcessAsUser-master.zip and opened it in VS2015. I tried running it unmodified and received the message "Cannot start service from the command line or a debugger. A Windows Service must first be installed and then started ..."
So I created a service with Powershell and changed the first line below to the second:
this.ServiceName = "Service1";
this.ServiceName = "AdminService";
and I get the same error. I wanted to get the demo working before I tried to use this with an MVC website and wrap it in an Invoke-Command powershell command similar to this https://rzander.azurewebsites.net/create-a-process-as-loggedon-user/ . I've searched and it appears the demo works for everyone.
Could my (work) environment be configured incorrectly, not allowing this demo project to work? I am an admin on this box.
if (!GetSessionUserToken(ref hUserToken)) is equal to {0}
[edit: a little more information]
When using the powershell link above and inside of a powershell IDE, I get the following error
Exception calling "StartProcessAsCurrentUser" with "1" argument(s): "StartProcessAsCurrentUser: GetSessionUserToken failed."
At C:\Users\xxx\AppData\Local\Temp\2\6ca92ace-e967-4153-a04c-eab859a2430f.ps1:292 char:1
+ CategoryInfo : NotSpecified: (:) [], MethodInvocationException
+ FullyQualifiedErrorId : Exception
This helped me a lot, just wanted to say thanks!
Hi!, thank you for the code, is awesome. I would like to pass some parameters to a process (.exe) that I invoke with StartProcessAsCurrentUser function. Do you know how to pass parameters to a program with that function?
Thanks a lot.
I have try your function in a powershell script in system account this work great but when I deploy my script via a SCCM pplication I can't create a user process, somebody have the same problem?
When multiple sessions exist, it should be possible to target a specific session, based on the session's username.
I couldn't get this to work for me, I'm new to C# so maybe I'm doing something wrong, here's the code
using System;
using murrayju.ProcessExtensions;
namespace spawnproc
{
class Program
{
static void Main()
{
Console.WriteLine("Starting calc.exe");
ProcessExtensions.StartProcessAsCurrentUser("calc.exe");
}
}
}
trying to run this will return the following error, with exit status code 255
Unhandled Exception: System.Exception: StartProcessAsCurrentUser: CreateProcessAsUser failed.
at murrayju.ProcessExtensions.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible)
at spawnproc.Program.Main()
I keep getting:
Exception calling "StartProcessAsCurrentUser" with "1" argument(s): "Arithmetic operation resulted in an overflow."
running this:
[murrayju.ProcessExtensions.ProcessExtensions]::StartProcessAsCurrentUser("C:\Windows\System32\WindowsPowershell\v1.0\Powershell.exe")
I am running a program in SYSTEM user context and want to user StartProcessAsCurrentUser to initiate a new instance of the same program but in logged-in user context. When I call StartProcessCurrentUser, "StartProcessAsCurrentUser: CreateProcessAsUser failed." error is raised and quitting. What could be wrong?
I am obtaining a user token with the code below and passing it to CreateProcessAsUser:
hUserToken = WindowsIdentity.GetCurrent().Token;
I wan't to use this to my project, but I am unable , because DLL is targeting .NET 4.5, and my project .net 4.0
Is it possible to target .net 4.0 as well?
I had run your program it successfully started with local system account but didn't work with specific user account. I get the following exception in the event viewer,
Service cannot be started. System.Exception: StartProcessAsCurrentUser: GetSessionUserToken failed.
at murrayju.ProcessExtensions.ProcessExtensions.StartProcessAsCurrentUser(String appPath, String cmdLine, String workDir, Boolean visible) in c:\Users\indianic\Downloads\CreateProcessAsUser-master\CreateProcessAsUser-master\ProcessExtensions\ProcessExtensions.cs:line 224
at demo.DemoService.OnStart(String[] args) in c:\Users\indianic\Downloads\CreateProcessAsUser-master\CreateProcessAsUser-master\DemoService\DemoService.cs:line 15
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
Thanks.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.