Hi everyone.
I am encountering an issue when trying to get other processes informations from my app. This app is an "updater". When it starts, it checks if the process to update is running. And here is the issue. Some informations on the running processes throw a System.ComponentModel.Win32Exception "Access denied" Exception. I was able to understand the reason of the exception : the updater is lauched from a "user" account and the user cannot read other user's processes. Because the updater runs in a Terminal Service session, other users may have the app to update running. If that is the case, the updater should warn the user, but instead of doing it, it crashes when reader the running process info.
After reading a lot about over the internet, I decided to use impersonation to execute the updater so that it will execute as a different account. Because the updater must access a network share, I set a domain administrator account.
The code runs fine, the impersonation works, but the exception is still there, even when the the code is executed with the domain admin account. I also tried to put the domain admin account in the local "Administrators" group.
So... I don't understand what is going wrong...
Can you help me please ?
(The updater runs on a Windows Server 2003 x86, the .NET framework is the 3.5)
Here is the simplified code that trows the exception :
WrapperImpersonationContext c =newWrapperImpersonationContext("MyDomain","MyDomainAdmin","MyPassword");
int errorCode =0;
c.Enter(out errorCode);// Impersonation...
Console.WriteLine(Environment.UserName) ; // = MyDomainAdmin, Impersonation OK!
// Looking for running process called "test". It may return mine or other users processes
Process[] ret = Process.GetProcessesByName("test");List<Process> retList =newList<Process>();for(int i =0; i < ret.Length; i++){
// The process here is a process that belongs to another user, that's why I get an exceptionFileInfofi=newFileInfo(ret[i].MainModule.FileName);// System.ComponentModel.Win32Exception!!! Access denied on MainModule...}
Here is theWrapperImpersonationContext class code :
usingSystem;usingSystem.Runtime.InteropServices;usingSystem.Security.Principal;usingSystem.Security.Permissions;usingSystem.ComponentModel;namespaceCommon.ApplicationUpdater{publicclassWrapperImpersonationContext{[DllImport("advapi32.dll",SetLastError=true)]publicstaticexternboolLogonUser(String lpszUsername,String lpszDomain,String lpszPassword,int dwLogonType,int dwLogonProvider,refIntPtr phToken);[DllImport("kernel32.dll",CharSet=CharSet.Auto)]publicexternstaticboolCloseHandle(IntPtr handle);privateconstint LOGON32_PROVIDER_DEFAULT =0;privateconstint LOGON32_LOGON_INTERACTIVE =2;privatestring m_Domain;privatestring m_Password;privatestring m_Username;privateIntPtr m_Token;privateWindowsImpersonationContext m_Context =null;protectedboolIsInContext{get{return m_Context !=null;}}publicWrapperImpersonationContext(string domain,string username,string password){ m_Domain = domain; m_Username = username; m_Password = password;}[PermissionSetAttribute(SecurityAction.Demand,Name="FullTrust")]publicboolEnter(outint errorCode){ errorCode =0;if(this.IsInContext)returntrue; m_Token =newIntPtr(0);try{ m_Token =IntPtr.Zero;bool logonSuccessfull =LogonUser( m_Username, m_Domain, m_Password, LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT,ref m_Token);if(logonSuccessfull ){WindowsIdentity identity =newWindowsIdentity(m_Token); m_Context = identity.Impersonate();}else{ errorCode =Marshal.GetLastWin32Error();returnfalse;}returntrue;}catch(Exception ex){ errorCode =(int)Marshal.GetHRForException(ex);returnfalse;}}[PermissionSetAttribute(SecurityAction.Demand,Name="FullTrust")]publicvoidLeave(){if(this.IsInContext==false)return; m_Context.Undo();if(m_Token !=IntPtr.Zero)CloseHandle(m_Token); m_Context =null;}}
}
Thank you for helping me!
Best regards.
Matteo, .NET Developer and System Engineer