private static void AddDesktopPermission(string userName)
{
if (Environment.UserInteractive == false)
{
var desktopPermissionManager = new DesktopPermissionManager(userName);
desktopPermissionManager.AddDesktopPermission();
}
}
static void Main(string[] args)
{
try
{
permissionManager.AddDesktopPermission();
using (var jobObject = new JobObject("StartProcessAsUserJob"))
{
jobObject.KillProcessesOnJobClose = true;
RunProcs:
for (ushort i = 0; i < 1; ++i)
{
try
{
var p = DoCreateProcessAsUser();
// var p = DoCreateProcessWithLogon();
// jobObject.AddProcess(p.hProcess);
}
catch (Win32Exception ex)
{
Console.Error.WriteLine("ERROR: '{0}' Error code: '{1}' Native error code: '{2}'", ex.Message, ex.ErrorCode, ex.NativeErrorCode);
}
catch (Exception ex)
{
Console.Error.WriteLine("ERROR: '{0}'", ex.Message);
}
}
Console.WriteLine("Type 'again' to create again, hit enter to exit...");
string cmd = Console.ReadLine().Trim().ToLowerInvariant();
if (cmd == "again")
{
goto RunProcs;
}
}
}
finally
{
permissionManager.RemoveDesktopPermission();
}
}
public async Task WhenCredentialsGiven_LoadsUserEnvironment()
{
var desktopPermissionManager = new DesktopPermissionManager();
LocalPrincipalManager manager = new LocalPrincipalManager(desktopPermissionManager, "IIS_IUSRS");
string userName = "******";
if (manager.FindUser(userName) != null)
{
manager.DeleteUser(userName);
}
var user = manager.CreateUser(userName);
desktopPermissionManager.AddDesktopPermission(userName);
try
{
var si = CreateRunSpec("cmd.exe", new[] { "/C", "set USERNAME" });
si.Credentials = user;
si.BufferedInputOutput = true;
si.WorkingDirectory = Environment.SystemDirectory;
using (var p = Runner.Run(si))
{
WaitForGoodExit(p, 1000);
var output = await p.StandardOutput.ReadToEndAsync();
string expectedUserName = string.Format("USERNAME={0}", user.UserName);
Assert.Contains(expectedUserName, output);
}
}
finally
{
desktopPermissionManager.RemoveDesktopPermission(userName);
manager.DeleteUser(userName);
}
}
private void ServiceMain()
{
const string testFile = @"C:\tmp\test-it.ps1";
File.Delete(testFile);
File.WriteAllText(testFile, testPowershellScript);
var permissionManager = new DesktopPermissionManager(userName);
var startupInfo = new NativeMethods.StartupInfo();
string lpApplicationName = @"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe";
var cmdLine = new StringBuilder(1024);
cmdLine.AppendFormat(@" -InputFormat None -NoLogo -NoProfile -NonInteractive -File {0}", testFile);
permissionManager.AddDesktopPermission();
using (var jobObject = new JobObject("StartProcessServiceJobObject"))
{
jobObject.KillProcessesOnJobClose = true;
while (!ct.IsCancellationRequested)
{
try
{
log.Debug("Executing command: '{0}'", cmdLine);
// Now create the process as the user
NativeMethods.ProcessInformation pi;
var saProcessAttributes = new NativeMethods.SecurityAttributes();
var saThreadAttributes = new NativeMethods.SecurityAttributes();
var createProcessFlags =
NativeMethods.CreateProcessFlags.CREATE_NO_WINDOW |
NativeMethods.CreateProcessFlags.CREATE_UNICODE_ENVIRONMENT;
IntPtr primaryToken = Utils.LogonAndGetPrimaryToken(userName, password);
if (NativeMethods.CreateProcessAsUser(primaryToken,
lpApplicationName,
cmdLine,
saProcessAttributes,
saThreadAttributes,
false,
createProcessFlags,
IntPtr.Zero,
workingDir,
startupInfo,
out pi))
{
log.Debug("created process: '{0}' pid: '{1}'", cmdLine.ToString(), pi.dwProcessId);
jobObject.AddProcess(pi.hProcess);
log.Debug("job object has '{0}' processes in it.", jobObject.GetJobProcesses().Count());
NativeMethods.CloseHandle(pi.hProcess);
NativeMethods.CloseHandle(pi.hThread);
}
else
{
int err = Marshal.GetLastWin32Error();
log.Error("Error '{0}' creating process.", err);
}
}
catch (Exception ex)
{
log.ErrorException("Exception creating process.", ex);
}
finally
{
Thread.Sleep(TimeSpan.FromSeconds(10));
}
}
}
permissionManager.RemoveDesktopPermission();
}