I have a service installed and I need to start it's own executable from it with administrative access without the user interaction (the user has agreeded to do so when installing the service). In the app I check if I'm in a service and if not (StartServiceCtrlDispatcher fails) it will do admin stuff.
This does not help, the app already is set (because it's a service as well) as admin but it will run without admin rights.
This is a remote deskop support application based on Windows RDP service and if it is not run as administrator, then I cannot interact with UAC presented in the remote desktop in case some other app is to be run as admin.
I'm trying this (error handling removed):
PWTS_SESSION_INFO w;
DWORD c = 0;
WTSEnumerateSessions(WTS_CURRENT_SERVER_HANDLE, 0, 1, &w, &c);
DWORD sid = 0;
for (unsigned int i = 0; i < c; i++)
{
if (_wcsicmp(w[i].pWinStationName, L"console") == 0)
{
sid = w[i].SessionId;
break;
}
}
WTSFreeMemory(w);
HANDLE t = 0;
WTSQueryUserToken(sid, &t);
HANDLE pt = 0;
TOKEN_LINKED_TOKEN linkedToken = { 0 };
DWORD dwSize = sizeof(linkedToken);
GetTokenInformation(t,
TokenLinkedToken,
&linkedToken,
dwSize, &dwSize)
DuplicateTokenEx(linkedToken.LinkedToken,TOKEN_ALL_ACCESS, NULL, SecurityImpersonation, TokenPrimary,&pt);
SetTokenInformation(pt, TokenSessionId, (void*)&sid, sizeof(sid));
CreateProcessAsUser(pt, 0, fw, 0, 0, 0, 0, 0, 0, &sInfo, &pInfo);
...
This new process is started without admin privileges although it's the very same executable that has the manifest set to the admin level.
