代码之家 › 专栏 › 技术社区 › SqlRyan

在vb.net中以不同用户身份运行新进程

startprocessinfo security-context runas impersonation vb.net

SqlRyan · 技术社区 · 16 年前

我目前正在使用一种自制的方法在Vista中以不同用户的身份运行一个进程,我无法摆脱这种感觉,那就是它很黑客,不太理想(此外,它还会抛出UAC,导致我的应用程序因安全异常而崩溃,并迫使我完全禁用UAC)。我的流程由两个项目(即两个EXE文件)组成——一个“接口”和一个“启动存根”——流程如下:

用户有一个启动“Interface.exe notepad.exe”的快捷方式
Interface.exe有一个表单,要求提供他们要使用的凭据
Interace.exe使用ProcessStartInfo创建LaunchStub.exe(LS)的实例作为新用户
LS使用ProcessStartInfo(ShellExecute设置为true)启动请求的文件,由于它已经以请求的用户身份运行,因此新进程也是如此。

我有一个两步过程的原因是,我希望用户能够右键单击操作系统默认操作的任何文件(.EXE、.SQL、.MSC等)并启动它,ProcessStartInfo只支持启用“UseShellExecute”的情况,但该开关阻止我使用新的凭据,因此我一次只能执行一个。

这会导致一些问题——首先,用户必须已经存在于计算机上,这意味着他们之前必须在本地登录。如果该用户没有本地配置文件,则请求的应用程序有时会启动,但我会收到注册表和配置文件异常,因为应用程序希望存在尚未存在的东西(比如注册表中的HKCU配置单元,用户没有,因为他们从未登录过)。

我知道我应该能够将我的应用程序的权限“提升”给他们请求的用户,启动我的新进程,然后撤消提升,但我找不到一个好的代码示例,我不确定它是否允许以完全不同的用户身份运行。这一切都有意义吗?我只是忍不住觉得有更好的方法来做这件事。

更新: 我刚试过 some Impersonation code 我在网上找到了,但无济于事。当与ProcessStartInfo结合使用时,它似乎仍然使用我当前的登录名启动进程,而不是我提供的登录名,即使我使用提供的凭据激活了模拟。

4 回复 | 直到 16 年前

user50612 16 年前

您可能需要使用Win32 API创建自己的“shell”函数。

使用CreateProcessWithLogonW API,您可以在不同的凭据下创建新进程,也可以加载用户配置文件信息。

在下面的代码片段中,如果您替换

用户名-使用您的用户名
domain-使用您的域名或“vbNullString”
密码-使用您的密码
参数4-将0替换为“LOGON with PROFILE”以加载指定的用户配置文件。

请参阅文档以了解 CreateProcessWithLogonW API 了解更多细节。走这条路,您可以完全控制并完全负责启动应用程序。

同样,这只是一个示例,你可能需要稍微玩一下,才能让它做你想做的事情。


Imports System.Runtime.InteropServices

Public Module modShell

    <StructLayout(LayoutKind.Sequential)> _
    Public Structure STARTUPINFO
        Public cb As Integer
        Public lpReserved As String
        Public lpDesktop As String
        Public lpTitle As String
        Public dwX As Integer
        Public dwY As Integer
        Public dwXSize As Integer
        Public dwYSize As Integer
        Public dwXCountChars As Integer
        Public dwYCountChars As Integer
        Public dwFillAttribute As Integer
        Public dwFlags As Integer
        Public wShowWindow As Short
        Public cbReserved2 As Short
        Public lpReserved2 As Integer
        Public hStdInput As Integer
        Public hStdOutput As Integer
        Public hStdError As Integer
    End Structure

    <StructLayout(LayoutKind.Sequential)> _
    Public Structure PROCESS_INFORMATION
        Public hProcess As IntPtr
        Public hThread As IntPtr
        Public dwProcessId As Integer
        Public dwThreadId As Integer
    End Structure

    Public Declare Unicode Function CreateProcessWithLogonW Lib "Advapi32" (ByVal lpUsername As String, ByVal lpDomain As String, ByVal lpPassword As String, ByVal dwLogonFlags As Int32, ByVal lpApplicationName As String, ByVal lpCommandLine As String, ByVal dwCreationFlags As Int32, ByVal lpEnvironment As IntPtr, ByVal lpCurrentDirectory As String, ByRef si As STARTUPINFO, ByRef pi As PROCESS_INFORMATION) As Integer
    Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As IntPtr) As Integer

    Public Const LOGON_WITH_PROFILE As Int32 = &H1

    Public Const NORMAL_PRIORITY_CLASS As Int32 = &H20&

    Public Const STARTF_USESHOWWINDOW As Int32 = &H1
    Public Const SW_HIDE As Int16 = 0
    Public Const SW_SHOW As Int16 = 5

    Public Function Shell(ByVal strCmdLine As String, ByVal strCurrentDirectory As String) As Boolean

        Dim pi As PROCESS_INFORMATION
        Dim si As New STARTUPINFO

        si.cb = Marshal.SizeOf(si)
        si.dwFlags = STARTF_USESHOWWINDOW
        si.wShowWindow = SW_SHOW

        Dim result As Integer = CreateProcessWithLogonW("username", "domain", "password", 0, vbNullString, strCmdLine, NORMAL_PRIORITY_CLASS, IntPtr.Zero, strCurrentDirectory, si, pi)

        If result <> 0 Then
            Call CloseHandle(pi.hThread)
            Call CloseHandle(pi.hProcess)
        Else
            Return False
        End If

        Return True

    End Function

End Module

Sunny Milenov 16 年前

您可以尝试从应用程序运行runas。一些示例和选项 here .

DrFuture 16 年前

试试这个模块:

Module Impersonation

#Region "API Structures"
    <StructLayout(LayoutKind.Sequential)> _
      Public Structure PROCESS_INFORMATION
        Dim hProcess As System.IntPtr
        Dim hThread As System.IntPtr
        Dim dwProcessId As Integer
        Dim dwThreadId As Integer
    End Structure

    <StructLayout(LayoutKind.Sequential)> _
     Public Structure STARTUPINFO
        Dim cb As Integer
        Dim lpReserved As System.IntPtr
        Dim lpDesktop As System.IntPtr
        Dim lpTitle As System.IntPtr
        Dim dwX As Integer
        Dim dwY As Integer
        Dim dwXSize As Integer
        Dim dwYSize As Integer
        Dim dwXCountChars As Integer
        Dim dwYCountChars As Integer
        Dim dwFillAttribute As Integer
        Dim dwFlags As Integer
        Dim wShowWindow As Short
        Dim cbReserved2 As Short
        Dim lpReserved2 As System.IntPtr
        Dim hStdInput As System.IntPtr
        Dim hStdOutput As System.IntPtr
        Dim hStdError As System.IntPtr
    End Structure
#End Region

#Region "API Constants"
    Private Const LOGON_NETCREDENTIALS_ONLY As Integer = &H2
    Private Const NORMAL_PRIORITY_CLASS As Integer = &H20
    Private Const CREATE_DEFAULT_ERROR_MODE As Integer = &H4000000
    Private Const CREATE_NEW_CONSOLE As Integer = &H10
    Private Const CREATE_NEW_PROCESS_GROUP As Integer = &H200
    Private Const LOGON_WITH_PROFILE As Integer = &H1
#End Region

#Region "API Functions"
    Private Declare Unicode Function CreateProcessWithLogon Lib "Advapi32" Alias "CreateProcessWithLogonW" _
        (ByVal lpUsername As String, _
         ByVal lpDomain As String, _
         ByVal lpPassword As String, _
         ByVal dwLogonFlags As Integer, _
         ByVal lpApplicationName As String, _
         ByVal lpCommandLine As String, _
         ByVal dwCreationFlags As Integer, _
         ByVal lpEnvironment As System.IntPtr, _
         ByVal lpCurrentDirectory As System.IntPtr, _
         ByRef lpStartupInfo As STARTUPINFO, _
         ByRef lpProcessInfo As PROCESS_INFORMATION) As Integer

    Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As System.IntPtr) As Integer

#End Region

    Public Sub RunProgram(ByVal UserName As String, ByVal Password As String, ByVal Domain As String, ByVal Application As String, ByVal CommandLine As String)

        Dim siStartup As STARTUPINFO
        Dim piProcess As PROCESS_INFORMATION
        Dim intReturn As Integer

        If CommandLine Is Nothing OrElse CommandLine = "" Then CommandLine = String.Empty

        siStartup.cb = Marshal.SizeOf(siStartup)
        siStartup.dwFlags = 0

        intReturn = CreateProcessWithLogon(UserName, Domain, Password, LOGON_WITH_PROFILE, Application, CommandLine, _
        NORMAL_PRIORITY_CLASS Or CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, _
        IntPtr.Zero, IntPtr.Zero, siStartup, piProcess)

        If intReturn = 0 Then
            Throw New System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error())
        End If

        CloseHandle(piProcess.hProcess)
        CloseHandle(piProcess.hThread)

    End Sub

End Module

使用Runprogram()以用户/pw y启动程序。程序仅指.exe,参数写入“命令行”

zlsmith86 10 年前

如果要使用与当前运行进程不同的凭据启动应用程序,可以使用。网过程类。

this.Process = new Process();

this.Process.StartInfo.Arguments = "Arguments";
this.Process.StartInfo.FileName = "C:\your.exe";
this.Process.StartInfo.UserName = "UserName";
string password = "some password";

this.Process.StartInfo.Password.Clear();
foreach (char c in password)
{
    this.Process.StartInfo.Password.AppendChar(c);
}


//allow the process to raise events
this.Process.EnableRaisingEvents = true;
this.Process.StartInfo.ErrorDialog = false;
//Method for handling the exit event
this.Process.Exited += new EventHandler(ApplicationProcess_Exited);

//Set the application directory as the current working directory
Environment.CurrentDirectory = System.IO.Directory.GetParent("C:\").ToString();

if (this.Process.Start())
{
    // Do something on start
}