Hi.
I want to run a program from a service in current user (active session) with admin privilege (UAC).
i use WTSGetActiveConsoleSessionId API to find current user.
i use this code to run program in current user. but the program doesn't have admin privilege.
I want to run a program from a service in current user (active session) with admin privilege (UAC).
i use WTSGetActiveConsoleSessionId API to find current user.
i use this code to run program in current user. but the program doesn't have admin privilege.
Code:
Option Explicit
Private Type SECURITY_ATTRIBUTES
nLength As Long
lpSecurityDescriptor As Long
bInheritHandle As Long
End Type
Private Type STARTUPINFO
cb As Long
lpReserved As Long
lpDesktop As Long
lpTitle As Long
dwX As Long
dwY As Long
dwXSize As Long
dwYSize As Long
dwXCountChars As Long
dwYCountChars As Long
dwFillAttribute As Long
dwFlags As Long
wShowWindow As Integer
cbReserved2 As Integer
lpReserved2 As Long
hStdInput As Long
hStdOutput As Long
hStdError As Long
End Type
Private Type PROCESS_INFORMATION
hProcess As Long
hThread As Long
dwProcessID As Long
dwThreadId As Long
End Type
Private Const STARTF_USESTDHANDLES As Long = &H100&
Private Const STARTF_USESHOWWINDOW As Long = &H1
Private Const CREATE_DEFAULT_ERROR_MODE As Long = &H4000000
Private Const CREATE_NEW_CONSOLE As Long = &H10&
Private Const CREATE_NEW_PROCESS_GROUP As Long = &H200&
Private Const CREATE_SEPARATE_WOW_VDM As Long = &H800&
Private Const CREATE_SUSPENDED As Long = &H4&
Private Const CREATE_UNICODE_ENVIRONMENT As Long = &H400&
Private Declare Function WTSGetActiveConsoleSessionId Lib "Kernel32.dll" () As Long
Private Declare Function WTSQueryUserToken Lib "Wtsapi32.dll" (ByVal sessionId As Long, ByRef phToken As Long) As Long
Private Declare Function CreateEnvironmentBlock Lib "userenv.dll" (ByRef lpEnvironment As Long, ByVal hToken As Long, ByVal bInherit As Long) As Long
Private Declare Function CreateProcessAsUser Lib "ADVAPI32.dll" Alias "CreateProcessAsUserW" (ByVal hToken As Long, ByVal lpApplicationName As Long, ByVal lpCommandLine As Long, lpProcessAttributes As SECURITY_ATTRIBUTES, lpThreadAttributes As SECURITY_ATTRIBUTES, ByVal bInheritHandles As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, ByVal lpCurrentDirectory As Long, ByRef lpStartupInfo As STARTUPINFO, ByRef lpProcessInformation As PROCESS_INFORMATION) As Long
Private Declare Function DestroyEnvironmentBlock Lib "userenv.dll" (ByVal lpEnvironment As Long) As Long
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
Public Sub RunAsActiveSessionId(ApplicationName As String, ApplicationCommand As String)
Dim typProcess As PROCESS_INFORMATION
Dim typStartup As STARTUPINFO
Dim typSecurity As SECURITY_ATTRIBUTES
Dim lngToken As Long
Dim lngSessionID As Long
Dim strApplication As String
Dim strProfileDir As String
Dim lngEnvBlock As Long
With typSecurity
.nLength = Len(typSecurity)
.bInheritHandle = 1&
.lpSecurityDescriptor = 0&
End With
With typStartup
.cb = Len(typStartup)
'.dwFlags = STARTF_USESTDHANDLES 'Or STARTF_USESHOWWINDOW
'.hStdInput = lngWritePipe
'.hStdOutput = lngWritePipe
'.hStdError = lngWritePipe
'.wShowWindow = SW_HIDE
End With
lngSessionID = WTSGetActiveConsoleSessionId()
WTSQueryUserToken lngSessionID, lngToken
CreateEnvironmentBlock lngEnvBlock, lngToken, 0
CreateProcessAsUser lngToken, StrPtr(ApplicationName), StrPtr(ApplicationCommand), typSecurity, typSecurity, ByVal 1&, CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP Or CREATE_UNICODE_ENVIRONMENT, ByVal 0&, StrPtr(strProfileDir), typStartup, typProcess
DestroyEnvironmentBlock lngEnvBlock
CloseHandle lngToken
End Sub