Question

In Windows Vista and later, LogonUser returns a non-privileged token, even if the user provided is an administrator. Thus, when you impersonate using that token, you are non-elevated. Given a correct username and password for an administrator user, how do you run code that has elevated privileges for that administrator?


Solution 2

If you are writing a Windows service, using LOGON32_LOGON_SERVICE instead of LOGON32_LOGON_INTERACTIVE or LOGON32_LOGON_NEW_CREDENTIALS will result in a privileged token, as long as the user you want to impersonate has 'log on as a service' permissions.

This doesn't provide a general solution (it won't work if you're writing a user-facing application), but is sufficient to solve the specific problem I had.
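
The difference between the two logon types can be checked directly. The following is an added example, not part of the original answer: it logs the same administrator account on with LOGON32_LOGON_INTERACTIVE and with LOGON32_LOGON_SERVICE and reports, under impersonation, whether the Administrators group is enabled in each token. It assumes the code runs inside a service process and that the account holds the 'log on as a service' right; the class name and the DEMO_LOGON_PASSWORD environment variable are hypothetical.

```csharp
using System;
using System.ComponentModel;
using System.Runtime.InteropServices;
using System.Security.Principal;
using Microsoft.Win32.SafeHandles;

static class LogonTypeDemo  // hypothetical name, not from the page
{
    const int LOGON32_LOGON_INTERACTIVE = 2;
    const int LOGON32_LOGON_SERVICE = 5;
    const int LOGON32_PROVIDER_DEFAULT = 0;

    [DllImport("advapi32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool LogonUser(string user, string domain, string password,
        int logonType, int logonProvider, out SafeAccessTokenHandle token);

    // Wraps LogonUser and surfaces the Win32 error (for example, a missing
    // 'log on as a service' right) instead of returning an invalid handle.
    static SafeAccessTokenHandle Logon(string user, string domain, string pw, int type)
    {
        if (!LogonUser(user, domain, pw, type, LOGON32_PROVIDER_DEFAULT, out var token))
            throw new Win32Exception(Marshal.GetLastWin32Error());
        return token;
    }

    // True only when Administrators is an enabled group in the current thread's
    // token; in a UAC-filtered token the group is deny-only and this is false.
    static bool CurrentIsAdmin() =>
        new WindowsPrincipal(WindowsIdentity.GetCurrent())
            .IsInRole(WindowsBuiltInRole.Administrator);

    static void Main(string[] args)
    {
        string user = args[0], domain = args[1];
        // Assumption: the password arrives via a hypothetical environment variable.
        string pw = Environment.GetEnvironmentVariable("DEMO_LOGON_PASSWORD");

        using (var filtered = Logon(user, domain, pw, LOGON32_LOGON_INTERACTIVE))
            WindowsIdentity.RunImpersonated(filtered, () =>
                Console.WriteLine("INTERACTIVE admin: " + CurrentIsAdmin()));

        using (var full = Logon(user, domain, pw, LOGON32_LOGON_SERVICE))
            WindowsIdentity.RunImpersonated(full, () =>
                Console.WriteLine("SERVICE admin:     " + CurrentIsAdmin()));
    }
}
```

Each token handle is disposed as soon as its impersonation block ends, so the elevated token does not outlive the work that needs it.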

Other tips

I just worked with this example; it actually works fine. I guess if you want to run code in this context you'll have to set the current thread principal by:

Thread.CurrentPrincipal = new System.Security.Principal.WindowsPrincipal(WindowsIdentity.GetCurrent());
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow