[英]Run new process as different user in vb.net
I'm currently using a homegrown method to run a process as a different user in Vista, and I can't escape the feeling that's it hack-ish and less than ideal (in addition to the fact that it craps out UAC, crashing my app with a security exception, and forcing me to disable UAC altogether). 我目前正在使用一种自行开发的方法在Vista中以不同的用户身份运行一个进程,我无法摆脱那种黑客攻击并且不太理想的感觉(除了它摧毁了UAC,崩溃了我的事实)有安全例外的应用程序,并强制我完全禁用UAC)。 My process consists of two projects (so two EXE files) - an "interface" and a "launch stub" - and here's the process: 我的进程包含两个项目(所以两个EXE文件) - 一个“接口”和一个“启动存根” - 这里是过程:
The reason I have a two-step process is that I want users to be able to right-click on any file the OS has a default action for (.EXE, .SQL, .MSC, etc) and launch it, and ProcessStartInfo only supports that with "UseShellExecute" enabled, but that switch prevents me from using new credentials, so I can only do one at a time. 我有一个两步过程的原因是我希望用户能够右键单击操作系统具有(.EXE,。SQL,.MSC等)默认操作的任何文件并启动它,并且仅限ProcessStartInfo支持启用“UseShellExecute”,但该开关阻止我使用新凭据,所以我一次只能做一个。
This causes a few problems - first, the user has to already exist on the computer, meaning they have to have logged in locally before. 这会导致一些问题 - 首先,用户必须已经存在于计算机上,这意味着他们必须先在本地登录。 If there's no local profile for that user, the requested app will sometimes launch, but I get registry and profile exceptions because the application expects things to exist that don't yet (like an HKCU hive in the registry, which the user doesn't have because they've never logged in). 如果该用户没有本地配置文件,则所请求的应用程序有时会启动,但我得到注册表和配置文件例外,因为应用程序期望存在尚未存在的事物(如注册表中的HKCU配置单元,用户不会因为他们从未登录过。
I know I should be able to just "Elevate" the rights of my application to the user they're requesting, launch my new process, and then undo the elevation, but I'm unable to find a good code sample for that, and I'm not sure that it would allow running as a completely different user. 我知道我应该能够将我的应用程序的权限“提升”给他们请求的用户,启动我的新进程,然后撤消提升,但我无法找到一个好的代码示例,并且我不确定它是否允许以完全不同的用户身份运行。 Does this all make sense? 这一切都有意义吗? I just can't help feel like there's a better way to do this. 我不禁觉得有更好的方法来做到这一点。
UPDATE: I just tried some Impersonation code I found online, but to no avail. 更新:我刚尝试了一些我在网上发现的模拟代码 ,但无济于事。 When used in conjunction with ProcessStartInfo, it still seems to launch processes using my current login, not the one I've provided, even though I've activated impersonation using the provided credentials. 当与ProcessStartInfo一起使用时,它仍然似乎使用我当前的登录启动进程,而不是我提供的进程,即使我已使用提供的凭据激活模拟。
Chances are that you have to create your own "shell" function using the Win32 API. 您可能需要使用Win32 API创建自己的“shell”函数。
Using the CreateProcessWithLogonW API you can create new processes under different credentials and optionally load user profile information. 使用CreateProcessWithLogonW API,您可以在不同凭据下创建新进程,并可选择加载用户配置文件信息。
In the code snippet below if you replace 如果您替换,请在下面的代码段中
See the documentation for the CreateProcessWithLogonW API for further specifics. 有关更多细节,请参阅CreateProcessWithLogonW API的文档。 Going this route you have full control and full responsibility for launching the application. 走这条路线,您可以完全控制并全权负责启动应用程序。
Again this is just a sample and you may have to play with it a little to get it to do what you want. 再一次,这只是一个样本,你可能需要稍微玩一下才能让它做你想做的事。
Imports System.Runtime.InteropServices
Public Module modShell
<StructLayout(LayoutKind.Sequential)> _
Public Structure STARTUPINFO
Public cb As Integer
Public lpReserved As String
Public lpDesktop As String
Public lpTitle As String
Public dwX As Integer
Public dwY As Integer
Public dwXSize As Integer
Public dwYSize As Integer
Public dwXCountChars As Integer
Public dwYCountChars As Integer
Public dwFillAttribute As Integer
Public dwFlags As Integer
Public wShowWindow As Short
Public cbReserved2 As Short
Public lpReserved2 As Integer
Public hStdInput As Integer
Public hStdOutput As Integer
Public hStdError As Integer
End Structure
<StructLayout(LayoutKind.Sequential)> _
Public Structure PROCESS_INFORMATION
Public hProcess As IntPtr
Public hThread As IntPtr
Public dwProcessId As Integer
Public dwThreadId As Integer
End Structure
Public Declare Unicode Function CreateProcessWithLogonW Lib "Advapi32" (ByVal lpUsername As String, ByVal lpDomain As String, ByVal lpPassword As String, ByVal dwLogonFlags As Int32, ByVal lpApplicationName As String, ByVal lpCommandLine As String, ByVal dwCreationFlags As Int32, ByVal lpEnvironment As IntPtr, ByVal lpCurrentDirectory As String, ByRef si As STARTUPINFO, ByRef pi As PROCESS_INFORMATION) As Integer
Public Declare Function CloseHandle Lib "kernel32" (ByVal hObject As IntPtr) As Integer
Public Const LOGON_WITH_PROFILE As Int32 = &H1
Public Const NORMAL_PRIORITY_CLASS As Int32 = &H20&
Public Const STARTF_USESHOWWINDOW As Int32 = &H1
Public Const SW_HIDE As Int16 = 0
Public Const SW_SHOW As Int16 = 5
Public Function Shell(ByVal strCmdLine As String, ByVal strCurrentDirectory As String) As Boolean
Dim pi As PROCESS_INFORMATION
Dim si As New STARTUPINFO
si.cb = Marshal.SizeOf(si)
si.dwFlags = STARTF_USESHOWWINDOW
si.wShowWindow = SW_SHOW
Dim result As Integer = CreateProcessWithLogonW("username", "domain", "password", 0, vbNullString, strCmdLine, NORMAL_PRIORITY_CLASS, IntPtr.Zero, strCurrentDirectory, si, pi)
If result <> 0 Then
Call CloseHandle(pi.hThread)
Call CloseHandle(pi.hProcess)
Else
Return False
End If
Return True
End Function
End Module
If you want to start an application with different credentials than the current running process, you can use the .Net Process class. 如果要使用与当前正在运行的进程不同的凭据启动应用程序,可以使用.Net Process类。
this.Process = new Process();
this.Process.StartInfo.Arguments = "Arguments";
this.Process.StartInfo.FileName = "C:\your.exe";
this.Process.StartInfo.UserName = "UserName";
string password = "some password";
this.Process.StartInfo.Password.Clear();
foreach (char c in password)
{
this.Process.StartInfo.Password.AppendChar(c);
}
//allow the process to raise events
this.Process.EnableRaisingEvents = true;
this.Process.StartInfo.ErrorDialog = false;
//Method for handling the exit event
this.Process.Exited += new EventHandler(ApplicationProcess_Exited);
//Set the application directory as the current working directory
Environment.CurrentDirectory = System.IO.Directory.GetParent("C:\").ToString();
if (this.Process.Start())
{
// Do something on start
}
Try this Module: 试试这个模块:
Module Impersonation
#Region "API Structures"
<StructLayout(LayoutKind.Sequential)> _
Public Structure PROCESS_INFORMATION
Dim hProcess As System.IntPtr
Dim hThread As System.IntPtr
Dim dwProcessId As Integer
Dim dwThreadId As Integer
End Structure
<StructLayout(LayoutKind.Sequential)> _
Public Structure STARTUPINFO
Dim cb As Integer
Dim lpReserved As System.IntPtr
Dim lpDesktop As System.IntPtr
Dim lpTitle As System.IntPtr
Dim dwX As Integer
Dim dwY As Integer
Dim dwXSize As Integer
Dim dwYSize As Integer
Dim dwXCountChars As Integer
Dim dwYCountChars As Integer
Dim dwFillAttribute As Integer
Dim dwFlags As Integer
Dim wShowWindow As Short
Dim cbReserved2 As Short
Dim lpReserved2 As System.IntPtr
Dim hStdInput As System.IntPtr
Dim hStdOutput As System.IntPtr
Dim hStdError As System.IntPtr
End Structure
#End Region
#Region "API Constants"
Private Const LOGON_NETCREDENTIALS_ONLY As Integer = &H2
Private Const NORMAL_PRIORITY_CLASS As Integer = &H20
Private Const CREATE_DEFAULT_ERROR_MODE As Integer = &H4000000
Private Const CREATE_NEW_CONSOLE As Integer = &H10
Private Const CREATE_NEW_PROCESS_GROUP As Integer = &H200
Private Const LOGON_WITH_PROFILE As Integer = &H1
#End Region
#Region "API Functions"
Private Declare Unicode Function CreateProcessWithLogon Lib "Advapi32" Alias "CreateProcessWithLogonW" _
(ByVal lpUsername As String, _
ByVal lpDomain As String, _
ByVal lpPassword As String, _
ByVal dwLogonFlags As Integer, _
ByVal lpApplicationName As String, _
ByVal lpCommandLine As String, _
ByVal dwCreationFlags As Integer, _
ByVal lpEnvironment As System.IntPtr, _
ByVal lpCurrentDirectory As System.IntPtr, _
ByRef lpStartupInfo As STARTUPINFO, _
ByRef lpProcessInfo As PROCESS_INFORMATION) As Integer
Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As System.IntPtr) As Integer
#End Region
Public Sub RunProgram(ByVal UserName As String, ByVal Password As String, ByVal Domain As String, ByVal Application As String, ByVal CommandLine As String)
Dim siStartup As STARTUPINFO
Dim piProcess As PROCESS_INFORMATION
Dim intReturn As Integer
If CommandLine Is Nothing OrElse CommandLine = "" Then CommandLine = String.Empty
siStartup.cb = Marshal.SizeOf(siStartup)
siStartup.dwFlags = 0
intReturn = CreateProcessWithLogon(UserName, Domain, Password, LOGON_WITH_PROFILE, Application, CommandLine, _
NORMAL_PRIORITY_CLASS Or CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or CREATE_NEW_PROCESS_GROUP, _
IntPtr.Zero, IntPtr.Zero, siStartup, piProcess)
If intReturn = 0 Then
Throw New System.ComponentModel.Win32Exception(Marshal.GetLastWin32Error())
End If
CloseHandle(piProcess.hProcess)
CloseHandle(piProcess.hThread)
End Sub
End Module
Use Runprogram() To start your Program with user/pw y like. 使用Runprogram()用user / pw启动你的程序。 Programm means the .exe only, parameters ar written into "commandline" Programm意味着只有.exe,参数ar写入“命令行”
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.