RegLoadKey while impersonated.


G

Guest

Hi,

I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)

The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer†to their new AD profile.

The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens

The return from the RegLoadKey is: 1314

Can anyone provide me any insight please?

Thank you very much…

Code ---


#### Impersonation (called after InitializeComponent)#######

//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;

tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;

bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!

#### RegLoadKey (called with “migrate†button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsoft\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
 
Ad

Advertisements

G

Guest

Bump please

Ed McAndrew said:
Hi,

I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)

The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer†to their new AD profile.

The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens

The return from the RegLoadKey is: 1314

Can anyone provide me any insight please?

Thank you very much…

Code ---


#### Impersonation (called after InitializeComponent)#######

//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;

tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;

bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!

#### RegLoadKey (called with “migrate†button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsoft\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
 
G

Guest

Thanks Barry,

I'm aware that it's a privlige issue. I'm certain that I need to adjust the
tokens privlige for the impersonation using "AdjustTokenPrivileges" (as in
the second sniplet of code), but am unsure of what "handle" I should adjust.
 
G

Guest

Bump please

Ed McAndrew said:
Hi,

I'm having to hack (because I don’t know c# very well) together a migration
application for my company for use with migrating to active directory. (using
VS2005/.NET 2.0)

The goal is to write an application that will run under administrative
credentials to copy their old profile “My documents, favorites, desktop, and
default printer†to their new AD profile.

The application is complete except for the impersonation. Independently,
the two methods work great.. However, in order to load the registry hive (to
get their old default printer), I have to get the token for the current
process and adjust the privileges. I’ve been banging my head now for two
days and just can’t seem to figure out where I’m overlapped. The two just
will not work together. If I impersonate, I don’t get my hive information,
if I get my hive information, I don’t get my impersonation. I’ve verified
that the sudo credentials are the same as my personal administrative
credentials right down to system policies (Act as part of the OS, etc…). I’m
certain it’s related to the tokens

The return from the RegLoadKey is: 1314

Can anyone provide me any insight please?

Thank you very much…

Code ---


#### Impersonation (called after InitializeComponent)#######

//Get token and impersonate user!
IntPtr tokenHandle = new IntPtr(0);
IntPtr dupeTokenHandle = new IntPtr(0);

const int LOGON32_PROVIDER_DEFAULT = 0;
const int LOGON32_LOGON_INTERACTIVE = 2;
const int SecurityImpersonation = 2;

tokenHandle = IntPtr.Zero;
dupeTokenHandle = IntPtr.Zero;

bool returnValue = LogonUser(DomainuserName, domainName, userPass,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, ref tokenHandle);
bool retVal = DuplicateToken(tokenHandle, SecurityImpersonation, ref
dupeTokenHandle);
WindowsIdentity newId = new WindowsIdentity(dupeTokenHandle);
WindowsImpersonationContext impersonatedUser = newId.Impersonate();
//Impersonation complete, don't forget to undo personating!

#### RegLoadKey (called with “migrate†button) #######
int token = 0;
int retval = 0;
TOKEN_PRIVILEGES TP = new TOKEN_PRIVILEGES();
TOKEN_PRIVILEGES TP2 = new TOKEN_PRIVILEGES();
LUID RestoreLuid = new LUID();
LUID BackupLuid = new LUID();
retval = OpenProcessToken(GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES |
TOKEN_QUERY, ref token);
retval = LookupPrivilegeValue(null, SE_RESTORE_NAME, ref RestoreLuid);
retval = LookupPrivilegeValue(null, SE_BACKUP_NAME, ref BackupLuid);
TP.PrivilegeCount = 1;
TP.Attributes = SE_PRIVILEGE_ENABLED;
TP.Luid = RestoreLuid;
TP2.PrivilegeCount = 1;
TP2.Attributes = SE_PRIVILEGE_ENABLED;
TP2.Luid = BackupLuid;
retval = AdjustTokenPrivileges(token, 0, ref TP, 1024, 0, 0);
retval = AdjustTokenPrivileges(token, 0, ref TP2, 1024, 0, 0);
// Load the offline profile hive
int result = RegLoadKey(HKEY_USERS, "MIGRATION", strPath + @"\NTUSER.DAT");
RegistryKey dPrintKey = Registry.Users;
dPrintKey = dPrintKey.OpenSubKey(@"MIGRATION\Software\Microsoft\Windows
NT\CurrentVersion\Windows");
Object dPrinter = dPrintKey.GetValue("Device");
string retvalue = dPrinter.ToString();
dPrintKey.Close();
RegUnLoadKey(HKEY_USERS, "MIGRATION");
 
Ad

Advertisements

G

Guest

Does anybody have any idea(s)?

Sorry to nag... but I'm down to the wire and still have not figured it out
on my own.

Ed
 
Ad

Advertisements


Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top