模拟和UAC [英] Impersonation And UAC

问题描述

我正在尝试从我的服务中复制注册表配置单元.我的服务作为本地系统运行，并使用存储的凭据来模拟域管理员.

除非UAC正在运行，否则所有方法都可以很好地运行，这将导致该服务能够读取REMOTE注册表，但无法写入本地注册表.我猜这是因为线程当前正在以模拟用户身份运行.当然，在调用RevertToSelf之后，我可以写一整天的生活.

现在....由于我使用的是干净的递归函数来复制整个配置单元，所以我真的不希望它切换上下文以读取远程配置单元并写入本地配置单元，所以我希望我可能缺少一些简单的东西.

这是我当前的服务代码(已删除错误处理代码)

BOOL m_userName ， m_domainStr ， m_password ， LOGON32_LOGON_INTERACTIVE ， LOGON32_PROVIDER_DEFAULT ，& userHandle )；

bResult = ImpersonateLoggedOnUser ( userHandle )；

我也尝试了repeatTokenEx路由...结果相同

BOOL m_userName ， m_domainStr ， m_password ， LOGON32_LOGON_INTERACTIVE ， LOGON32_PROVIDER_DEFAULT ，& userHandle )；

HANDLE hPrivTokenImperson;

DuplicateTokenEx(userHandle，TOKEN_QUERY | TOKEN_IMPERSONATE，NULL，SecurityImpersonation，TokenImpersonation，& hPrivTokenImperson)

SetThreadToken(NULL，hPrivTokenImperson)

请，我想念什么?

谢谢

基因

解决方案

您去年解决了上述问题吗?我刚刚遇到过类似的情况，当UAC开启时，我模拟了一个域用户，尽管域用户和本地系统帐户都可以访问资源(我的程序集文件，但我现在再也无法访问本地文件了.正在尝试加载).
登录到程序集绑定日志(融合)中的用户显示为未知" ...

那么，您如何解决这种情况?

感谢，
阿隆(Aharon)

I'm attempting to replicate a registry hive from my service.  My service runs as local system and uses stored credentials to impersonate a domain admin.

 

All works GREAT unless, UAC is running which results in the service being able to read the REMOTE registry but being unable to write to the local one.  I'm guessing that that is because the thread is currently running as the impersonated user.   Of course, after calling RevertToSelf, I can write all the live long day.

 

Now....since I'm using a nice clean recursive function to replicated an entire hive, I REALLY don't want it switching contexts for reading the remote hive and writing to the local one, so I'm hoping that maybe I'm missing something simple.

 

Here is my current service code (error processing code removed)

BOOL bResult = LogonUser(m_userName, m_domainStr, m_password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &userHandle);

bResult = ImpersonateLoggedOnUser(userHandle);

 

I tried the duplicateTokenEx route too...same result

BOOL bResult = LogonUser(m_userName, m_domainStr, m_password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &userHandle);

HANDLE hPrivTokenImperson;

DuplicateTokenEx( userHandle, TOKEN_QUERY | TOKEN_IMPERSONATE, NULL, SecurityImpersonation, TokenImpersonation, & hPrivTokenImperson )

SetThreadToken( NULL, hPrivTokenImperson )

 

 

Please, what am I missing?

 

thanks,

 

Gene

解决方案

Hi,

Did you resolve the issue above from last year? I've just hit similar situation in which when UAC is on, and I impersonate a domain user, I get no access to local files anymore, although both the domain user and the local system account have access to the resource (an assembly file I am trying to load).
The user logged in the assembly binding log (fusion) appears as "Unknown"...

So, how did you resolve the situation?

Thanks,
Aharon

这篇关于模拟和UAC的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！