简体   繁体   English

作为网络服务启动过程

[英]Starting process as NETWORK SERVICE

I am trying to start a process with user NETWORK SERVICE, from a service running under LOCAL SYSTEM. 我正在尝试从本地系统下运行的服务使用用户NETWORK SERVICE启动进程。 To do this I am using the following sequence of pinvoke operations: 为此,我使用以下序列的点名操作:

  1. LogonUser()
  2. DuplicateTokenEx()
  3. LoadUserProfile()
  4. CreateEnvironmentBlock()
  5. CreateProcessAsUser()

Using the steps above I was able to get the process to launch - I see the process creation event in the event viewer. 使用上述步骤,我能够启动流程-我在事件查看器中看到了流程创建事件。 However the process I am creating is a C# application that spawns a conhost.exe child process and crashes immediately due possibly to the conhost.exe child process crashing (also shows up in the event log - the crash reason is DLL initialization failure). 但是,我正在创建的进程是一个C#应用程序,它生成一个conhost.exe子进程并可能由于conhost.exe子进程崩溃而立即崩溃(也显示在事件日志中-崩溃原因是DLL初始化失败)。

I have also found that if I give NETWORK SERVICE administrator privileges on my machine, I am able to use the steps above to start the process successfully. 我还发现,如果我在计算机上授予NETWORK SERVICE管理员特权,则可以使用上述步骤成功启动该过程。

Finally, I have also tried launching the same process directly from a service running under the NETWORK SERVICE user, and in that case it starts successfully. 最后,我还尝试过直接从NETWORK SERVICE用户下运行的服务启动相同的进程,在这种情况下,它成功启动。 This makes me suspect that something about the context in which I am trying to start the new process is incomplete and I am missing another operation to prime the environment. 这使我怀疑尝试启动新过程的上下文环境不完整,并且缺少用于启动环境的其他操作。

Is there anything obviously wrong with my approach? 我的方法明显有什么问题吗? Am I missing a step somewhere? 我在某处错过了一步吗?

The issue was incorrect setting of the lpDesktop field of STARTUP_INFO structure. 问题是STARTUP_INFO结构的lpDesktop字段设置不正确。 If the value is not set to string.Empty , the new process will attempt to use the desktop of the parent process, which it does not have access to. 如果该值未设置为string.Empty ,则新进程将尝试使用其无权访问的父进程的桌面。

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM