I have a windows service which started with local System account. In this service, it use CreateProcessAsUser API to create a new process with user1 account . After the process is created:
Logon the system as Administrator, I can find the owner of the process is user1, and I can stop/resume/kill the process.
Logon the system as user1, but I cannot stop/resume/kill the process, and I got the "access denied" error. Why?
Here is my test code:
import os import psutil import win32process import win32security import win32con import win32api import win32file def log(msg): with open('C:\\test\\my.log', 'a') as f: f.write(msg) f.write('\n') username = 'user1' password = 'user1' domain = 'testpc' try: token = win32security.LogonUser ( username, domain, password, win32con.LOGON32_LOGON_SERVICE, win32con.LOGON32_PROVIDER_DEFAULT ) win32security.ImpersonateLoggedOnUser(token) cmd = "ping -n 600 localhost" cwd = 'c:\\test' env = os.environ dwCreationFlags = win32con.NORMAL_PRIORITY_CLASS startup = win32process.STARTUPINFO() (hProcess, hThread, dwProcessId, dwThreadId) = \ win32process.CreateProcessAsUser(token, None, cmd, None, None, True, dwCreationFlags, env, cwd, startup) log("hProcess=%s, hThread=%s, dwProcessId=%s, dwThreadId=%s" % (hProcess, hThread, dwProcessId, dwThreadId)) process = psutil.Process(dwProcessId) log('process: %s' % process) return_code = process.wait() win32file.CloseHandle(hThread) win32file.CloseHandle(hProcess) except win32security.error as e: log(e)
Could someone help me? Many thanks.