impersonating a user and starting a new process

[Balamurugan KR]

I want to impersonate as different use and need to start a process

WindowsImpersonationContext impersonatedUser = winID.Impersonate(); // here
user is impersonated
Console.WriteLine("After impersonation: "+
WindowsIdentity.GetCurrent().Name);
myProcess = new Process();
ProcessStartInfo myProcessStartInfo = new
ProcessStartInfo(Environment.GetEnvironmentVariable("systemdrive") +
@"\test.exe"); // but this process runs under wrong account and not on the
impersonated one
myProcess.StartInfo = myProcessStartInfo;
myProcess.Start();
myProcess.WaitForExit();
StreamReader sr = myProcess.StandardOutput; // output returned by text.exe

Here the test.exe writes to the console (standard output). I do not want to
use CreateProcessAsUser since this API does not have an option to return
the standard output back to the caller



Any help will be greatly Appreciated

 

[Stephen Martin]

System.Process.Start uses CreateProcess to start the new process and this
uses the token of the originating process for the new process' identity not
the thread token. In order to create a process while impersonating you must
use CreateProcessAsUser or CreateProcessWithLogonW. If you wish to redirect
one, or all, of the standard handles you can do so with either of these
functions, check out the STARTUPINFO parameter.

 

[Balamurugan KR]

Ok i am using createprocessasuser,

the steps i followed
1. use logonuser
2. call DuplicateToken with the token returned from logonuser
3. call LoadUserProfile with the token returned from duplicate token
4. CreateEnvironmentBlock
5. now call CreateProcessAsUser

i am getting an error "The type of the token is inappropriate for its
attempted use."

any ideas on this?