CreateProcessAsUser fails with error code 2 (file not found)
in [Win32 Kernel]
|
Prev: Not seeing all traces in ETL file when viewing on XP
Next: VC98 IDL compiler (MIDL) - Where to get it ?
From: eselk2003 on 2 Dec 2008 19:32 I have code that works on XP and Vista, on about 20 different test PCs, except on one XP system CreateProcessAsUser fails sometimes. Here is the code, without error checking: OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&t); DuplicateTokenEx (t,TOKEN_ALL_ACCESS,NULL,SecurityImpersonation,TokenPrimary,&dt); DWORD sid = WTSGetActiveConsoleSessionId(); SetTokenInformation(dt,TokenSessionId,&sid,sizeof(sid)); STARTUPINFO si; memset(&si,0,sizeof(si)); si.cb = sizeof(si); si.lpDesktop = "winsta0\\default"; CreateProcessAsUser(dt,NULL,"c:\myfile.exe", NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE, NULL,NULL,&si,&UserModeProcessInfo); The code runs in a service running as LocalSystem. I want the process to run as LocalSystem also (I know the security risks). If the active console session ID is 0, the code always works. If non- zero (1, 2, 3, etc), only one on XP system the CreateProcessAsUser fails and GetLastError() returns 2 (file not found). I can add a check right before that call to see if the file exists, and it does. I can change form myfile.exe to notepad.exe or some other system EXE, and get the same results. If I force to code to always use session ID 0 then it also works, but of course the app runs on the wrong session (I want it on the active console session). So obviously there is some issue related to a service (running in session 0, since this is XP), starting a process under another session. Weird that the error is 2, and not something like 5 (access denied). Or is there a better method to have a service that runs apps under the current console session, and runs those apps as LocalSystem? All of the examples I've found on MSDN use LogonUser or WTSQueryUserToken to "display UI from a service", but in my case I really need/want the process to run as LocalSystem, not as the active user.
From: Boris on 4 Dec 2008 07:46 Line: CreateProcessAsUser(dt,NULL,"c:\myfile.exe",... - has a typo. You should use double backslash inside quoted string. Boris <eselk2003(a)gmail.com> wrote in message news:c23dabf5-fa13-4733-8de8-9487177452f4(a)j35g2000yqh.googlegroups.com... >I have code that works on XP and Vista, on about 20 different test > PCs, except on one XP system CreateProcessAsUser fails sometimes. > Here is the code, without error checking: > > OpenProcessToken(GetCurrentProcess(),TOKEN_ALL_ACCESS,&t); > > DuplicateTokenEx > (t,TOKEN_ALL_ACCESS,NULL,SecurityImpersonation,TokenPrimary,&dt); > > DWORD sid = WTSGetActiveConsoleSessionId(); > SetTokenInformation(dt,TokenSessionId,&sid,sizeof(sid)); > > STARTUPINFO si; > memset(&si,0,sizeof(si)); > si.cb = sizeof(si); > si.lpDesktop = "winsta0\\default"; > > CreateProcessAsUser(dt,NULL,"c:\myfile.exe", > NULL,NULL,FALSE,NORMAL_PRIORITY_CLASS|CREATE_NEW_CONSOLE, > NULL,NULL,&si,&UserModeProcessInfo); > > The code runs in a service running as LocalSystem. I want the process > to run as LocalSystem also (I know the security risks). > > If the active console session ID is 0, the code always works. If non- > zero (1, 2, 3, etc), only one on XP system the CreateProcessAsUser > fails and GetLastError() returns 2 (file not found). I can add a > check right before that call to see if the file exists, and it does. > I can change form myfile.exe to notepad.exe or some other system EXE, > and get the same results. If I force to code to always use session ID > 0 then it also works, but of course the app runs on the wrong session > (I want it on the active console session). > > So obviously there is some issue related to a service (running in > session 0, since this is XP), starting a process under another > session. Weird that the error is 2, and not something like 5 (access > denied). > > Or is there a better method to have a service that runs apps under the > current console session, and runs those apps as LocalSystem? All of > the examples I've found on MSDN use LogonUser or WTSQueryUserToken to > "display UI from a service", but in my case I really need/want the > process to run as LocalSystem, not as the active user.
From: eselk2003 on 18 Dec 2008 15:35
On Dec 4, 5:46 am, "Boris" <spa...(a)nospam.net> wrote: > Line: > > CreateProcessAsUser(dt,NULL,"c:\myfile.exe",... > > - has a typo. You should use double backslash inside quoted string. Sorry, I just typed that wrong when posting, but in my actual code it is typed correctly. If it wasn't, then my code wouldn't work on any platform. Anyway, since I didn't get any other answers, I'm guessing no one else has seen this issue and doesn't have any ideas of how to fix it. So far we've tested on about 100 PCs, and only found 1 with the issue, so obviously it isn't very common. |