有什么区别:LoadUserProfile -vs- RegOpenCurrentUser [英] What is the difference: LoadUserProfile -vs- RegOpenCurrentUser
问题描述
这两个API非常相似,但是尚不清楚它们之间的区别以及何时应使用它们(除了LoadUserProfile被指定与我不使用的CreateProcessAsUser一起使用.我只是模拟配置单元访问).
These two APIs are very similar but it is unclear what the differences are and when each should be used (Except that LoadUserProfile is specified for use with CreateProcessAsUser which I am not using. I am simply impersonating for hive accesss).
LoadUserProfile http://msdn.microsoft.com/en-us /library/bb762281(VS.85).aspx
LoadUserProfile http://msdn.microsoft.com/en-us/library/bb762281(VS.85).aspx
RegOpenCurrentUser http://msdn.microsoft.com/en-us /library/ms724894(VS.85).aspx
RegOpenCurrentUser http://msdn.microsoft.com/en-us/library/ms724894(VS.85).aspx
根据服务和注册表文章: http://msdn.microsoft.com/en-us /library/ms685145(VS.85).aspx 我们应该在模拟时使用RegOpenCurrentUser.
According to the Services & the Registry article: http://msdn.microsoft.com/en-us/library/ms685145(VS.85).aspx we should use RegOpenCurrentUser when impersonating.
但是如果用户配置文件正在漫游,RegOpenCurrentUser应该/应该做些什么-应该加载它吗?
But what does/should RegOpenCurrentUser do if the user profile is roaming - should it load it?
据我从这些文档可以看出,这两个API都为线程正在模拟的用户提供了HKEY_CURRENT_USER的句柄.因此,它们都会加载"配置单元,即将其锁定为数据库文件,并为注册表API提供句柄.
As far as I can tell from these docs, both APIs provide a handle to the HKEY_CURRENT_USER for the user the thread is impersonating. Therefore, they both "load" the hive i.e. lock it as a database file and give a handle to it for registry APIs.
似乎LoadUserProfile加载用户配置文件的方式与用户登录时加载用户配置文件的方式相同,而RegOpenCurrentUser不加载-这对吗?这两个API如何安装配置单元之间的根本区别(如果有)?
It might seem that LoadUserProfile loads the user profile in the same way as the User does when he/she logs on, whereas RegOpenCurrentUser does not - is this correct? What is the fundamental difference (if any) in how these two APIs mount the hive?
如果发生的情况之间有什么影响和区别(如果有的话)
What are the implications and differences (if any) between what happens IF
-
这些模拟手柄中的每一个都已在使用中时,用户是登录还是注销?
A user logs-on or logs-off while each of these impersonated handles is already in use?
调用每个匹配的关闭函数(RegCloseKey和UnloadUserProfile)时,用户已经登录了吗?
A user is already logged-on when each matching close function (RegCloseKey and UnloadUserProfile) is called?
推荐答案
由于我目前正在尝试完成与您相同的事情,所以我想我会喜欢过去几天中发现的东西.
As I am currently trying to accomplish the same thing you are I thought I would chime in with what I've found over the last few days.
我正在Windows XP sp3环境中工作,并试图在两种不同的情况下使用CurrentUser注册表访问来实现模拟
I'm working in a Windows XP sp3 environment and trying to achieve impersonation with CurrentUser registry access in two different scenarios
如果您遇到任何有用的事情,如果您分享经验,我将不胜感激. 我的堆栈溢出问题可以在此处找到
If you come across anything useful I would be greatly appreciative if you share your experience. My stack overflow question can be found here
管理员>受限用户&受限用户>管理员
Administrator > Limited User & Limited User > Administrator
到目前为止,我注意到的是(在Windows XP sp3中)
What I've noticed so far is (in Windows XP sp3)
仅在模拟用户已启用SeRestoreName和SeBackupName特权的情况下才有效(仅对有问题的受限用户启用这两项是不够的,因为它仍然失败,并显示访问被拒绝错误-有关此问题的更多详细信息,请参见我的StackOverflow问题).到目前为止,我唯一能够成功调用LoadUserProfile()的方法是通过管理员帐户开始模拟之前.
Only works when the impersonating user has SeRestoreName and SeBackupName privileges enabled among others (simply enabling these two for the limited user in question was not enough as it still failed with an access denied error - See my StackOverflow question for more details on that). The only way I'm able to successfully call LoadUserProfile() so far is to do so by an Administrator account before starting impersonation.
仅在已加载用户个人资料时正确"工作,到目前为止,在我进行的每一次尝试中,除非加载了用户配置单元,否则我只能获取S-1-5-18配置单元的句柄并且已经可以在HKEY_USERS下访问
Only works "properly" when the user's profile is already loaded, In every attempt I've made so far I'm only able to get a handle to the S-1-5-18 hive unless the users hive is loaded and accessible under HKEY_USERS already
这篇关于有什么区别:LoadUserProfile -vs- RegOpenCurrentUser的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
