Yes, sorry I tried to make it clear in the original question that I want to
get the user token of the service - ie. the account the service is running
under. I know services don't have user tokens - I suspect users do have
tokens, hence "user token", otherwise we might call them "service tokens" or
somesuch :-)
If you read the question again, you migh see that the fundamental question
is, *assuming there is no other approach*:
The service runs as "Local System" - can I impersonate the "Local System"
account?
I don't believe that "logonuser" can help with this.
What I was trying to demonstrate with the code is that I can get the process
that the service is running as - I just cannot get its user token.
Is there anyone here who can understand my original question and have a go
at answering it? I would be grateful for any assistance.
"Nicholas Paldino [.NET/C# MVP]" wrote:
get the user token of the service - ie. the account the service is running
under. I know services don't have user tokens - I suspect users do have
tokens, hence "user token", otherwise we might call them "service tokens" or
somesuch :-)
If you read the question again, you migh see that the fundamental question
is, *assuming there is no other approach*:
The service runs as "Local System" - can I impersonate the "Local System"
account?
I don't believe that "logonuser" can help with this.
What I was trying to demonstrate with the code is that I can get the process
that the service is running as - I just cannot get its user token.
Is there anyone here who can understand my original question and have a go
at answering it? I would be grateful for any assistance.
"Nicholas Paldino [.NET/C# MVP]" wrote:
Well, you would want to get the token of a user that has the appropriate
rights to change the priority of the class.
>
There is no such thing as the user token of the service. The service
runs under a user account, and that user is the one assocaited with the
process/thread.
>
If you don't have the appropriate permissions then you need to have the
service run under a user account that has permissions (in which case, none
of this is necessary), or call the LogonUser API function through the
P/Invoke layer, passing the username and password of the user you want to
impersonate, then use the user token returned from LogonUser to pass to the
Impersonate method (the documentation for the Impersonate method should have
an example of how to call LogonUser).
>
It should be noted that changing the priority of any process is
generally a bad idea.
>
>
--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard. caspershouse.co m
>
"muradjames " <muradjames@dis cussions.micros oft.comwrote in message
news:28CFB03C-52F5-452A-A3BF-67208C60C689@mi crosoft.com...
rights to change the priority of the class.
>
There is no such thing as the user token of the service. The service
runs under a user account, and that user is the one assocaited with the
process/thread.
>
If you don't have the appropriate permissions then you need to have the
service run under a user account that has permissions (in which case, none
of this is necessary), or call the LogonUser API function through the
P/Invoke layer, passing the username and password of the user you want to
impersonate, then use the user token returned from LogonUser to pass to the
Impersonate method (the documentation for the Impersonate method should have
an example of how to call LogonUser).
>
It should be noted that changing the priority of any process is
generally a bad idea.
>
>
--
- Nicholas Paldino [.NET/C# MVP]
- mvp@spam.guard. caspershouse.co m
>
"muradjames " <muradjames@dis cussions.micros oft.comwrote in message
news:28CFB03C-52F5-452A-A3BF-67208C60C689@mi crosoft.com...
I have a service running on my PC. I want to set the service's
PriorityClass
to BelowNormal. I use the following code:
Process process = GetServiceProce ss();
// How can I get the user's token (Local System) from the
process, or wherever?
using (WindowsImperso nationContext user =
WindowsIdentity .Impersonate(us erToken))
{
process.Priorit yClass =
Settings.Defaul t.servicePriori ty;
}
Clearly, this cannot work - I need the userToken.
So, my questions are:
1) Is this the correct approach? I am assuming that the "access denied" is
caused by the fact that my application is running as one user, and the
service is running as local system so I cannot change it? My approach is
to
impersonate the local system user while I change the priority class.
2) If this is correct, how can I get the user token *of the service* (i.e.
the Local System token) so that I can impersonate it?
I am using .Net 3.5, by the way...any help gratefully accepted!!!
PriorityClass
to BelowNormal. I use the following code:
Process process = GetServiceProce ss();
// How can I get the user's token (Local System) from the
process, or wherever?
using (WindowsImperso nationContext user =
WindowsIdentity .Impersonate(us erToken))
{
process.Priorit yClass =
Settings.Defaul t.servicePriori ty;
}
Clearly, this cannot work - I need the userToken.
So, my questions are:
1) Is this the correct approach? I am assuming that the "access denied" is
caused by the fact that my application is running as one user, and the
service is running as local system so I cannot change it? My approach is
to
impersonate the local system user while I change the priority class.
2) If this is correct, how can I get the user token *of the service* (i.e.
the Local System token) so that I can impersonate it?
I am using .Net 3.5, by the way...any help gratefully accepted!!!
Comment