
Windows使用任意用户创建进程

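/*
 * Entry point.  Usage: <prog> <user> <domain> <password> <command>
 *
 * Logs the calling user's SAM-compatible name, enables the privileges the
 * process needs (AdjustCaller), then hands the credentials and command line
 * to StartProcess.  Returns 0 on success, -1 on any failure (bad argument
 * count, privilege adjustment failure, or StartProcess failure).
 *
 * Caveat: the password arrives in argv[3] and is therefore visible to other
 * local processes that can read this process's command line; it is never
 * written to the log, but callers should prefer a less exposed channel.
 *
 * `usage`, `debug`, `buffer` and `log` are defined elsewhere in the file.
 */
int main( int argc, char *argv[] )
{
	LPTSTR User, Domain, Password, Command, lpNameBuffer = NULL;
	DWORD dwSize = 0;
	int RC = 0;

	if ( argc != 5 )
	{
		usage( argv[0] );
		RC = -1;
	}
	else
	{
		/* First call with a NULL buffer only sizes the name: it fails with
		 * ERROR_MORE_DATA and leaves the required length (in TCHARs) in dwSize.
		 * Check the return value before trusting GetLastError(). */
		if ( !GetUserNameEx( NameSamCompatible, lpNameBuffer, &dwSize )
			 && GetLastError() == ERROR_MORE_DATA )
		{
			/* dwSize counts TCHARs, so scale by sizeof(TCHAR) instead of
			 * assuming one byte per character. */
			lpNameBuffer = (LPTSTR) HeapAlloc( GetProcessHeap(), HEAP_ZERO_MEMORY,
											   ((SIZE_T) dwSize + 1) * sizeof(TCHAR) );
			if ( lpNameBuffer != NULL )
			{
				if ( GetUserNameEx( NameSamCompatible, lpNameBuffer, &dwSize ) )
				{
					/* The shared `buffer` has no bound visible here, so pass
					 * the name to debug() directly rather than sprintf()-ing it.
					 * Assumes debug() writes its argument verbatim -- TODO confirm. */
					debug( "Calling User: " );
					debug( lpNameBuffer );
					debug( "\n" );
				}
				/* Release on every path, not only after a successful second call. */
				HeapFree( GetProcessHeap(), 0, (LPVOID) lpNameBuffer );
				lpNameBuffer = NULL;
			}
		}

		User = argv[1];
		Domain = argv[2];
		Password = argv[3];
		Command = argv[4];

		/* argv values are caller-controlled and unbounded; log them without
		 * formatting through the fixed `buffer` to avoid overflowing it. */
		debug( "User = " );
		debug( User );
		debug( "\n" );
		debug( "Domain = " );
		debug( Domain );
		debug( "\n" );
		debug( "Password supplied, not logged\n" );
		debug( "Command = " );
		debug( Command );
		debug( "\n" );

		if ( !AdjustCaller() )
		{
			RC = -1;
		}
		else if ( !StartProcess( User, Domain, Password, Command ) )
		{
			RC = -1;
			debug( "Couldn't start interactive client process!\n" );
		}
	}

	if ( log != NULL )
		(void) fclose( log );

	return RC;
}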

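 /*
 * Enable, on the current process token, the privileges this program needs.
 *
 * Required (failure is fatal): SE_TCB_NAME, SE_ASSIGNPRIMARYTOKEN_NAME and
 * SE_INCREASE_QUOTA_NAME.  Optional (failure only logged): SE_RESTORE_NAME,
 * SE_BACKUP_NAME (needed by LoadUserProfile) and SE_CHANGE_NOTIFY_NAME.
 *
 * AdjustTokenPrivileges can only *enable* privileges the token already holds
 * (SetPrivilege reports ERROR_NOT_ALL_ASSIGNED otherwise), so this succeeds
 * only for an account that has been granted these rights -- by default that
 * is a service/system context rather than an ordinary interactive user.
 *
 * Returns TRUE when all required privileges are enabled.  The token handle is
 * closed before returning on every path.
 */
 BOOL AdjustCaller( void )
{
	HANDLE hToken = NULL;
	BOOL ok = FALSE;

	if ( !OpenProcessToken( GetCurrentProcess(), TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY,
							&hToken ) )
	{
		debug( "OpenProcessToken() failed, unable to query or adjust token privs\n" );
		return FALSE;
	}

	if ( !SetPrivilege( hToken, SE_TCB_NAME, TRUE ) )
	{
		debug( "Couldn't set 'SE_TCB_NAME' privilege for this process!\n" );
		goto out;
	}

	if ( !SetPrivilege( hToken, SE_ASSIGNPRIMARYTOKEN_NAME, TRUE ) )
	{
		debug( "Couldn't set 'SE_ASSIGNPRIMARYTOKEN_NAME' privilege for this process!\n" );
		goto out;
	}

	/* Non-fatal group: the program can continue without these. */
	if ( !SetPrivilege( hToken, SE_RESTORE_NAME, TRUE ) )
	{
		debug( "non-fatal: Couldn't set 'SE_RESTORE_NAME' privilege for this process! "
			   "Needed for LoadUserProfile()\n" );
	}

	if ( !SetPrivilege( hToken, SE_BACKUP_NAME, TRUE ) )
	{
		debug( "non-fatal: Couldn't set 'SE_BACKUP_NAME' privilege for this process! "
			   "Needed for LoadUserProfile()\n" );
	}

	if ( !SetPrivilege( hToken, SE_CHANGE_NOTIFY_NAME, TRUE ) )
	{
		debug( "non-fatal: Couldn't set 'SE_CHANGE_NOTIFY_NAME' privilege for this process!\n" );
	}

	if ( !SetPrivilege( hToken, SE_INCREASE_QUOTA_NAME, TRUE ) )
	{
		/* Message previously named SE_ASSIGNPRIMARYTOKEN_NAME here; fixed to
		 * match the privilege actually being set. */
		debug( "Couldn't set 'SE_INCREASE_QUOTA_NAME' privilege for this process!\n" );
		goto out;
	}

	debug( "AdjustCaller(): privileges enabled -- YAY!\n" );
	ok = TRUE;

out:
	/* The original leaked this handle on every path. */
	CloseHandle( hToken );
	return ok;
}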

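/*
 * Enable or disable one named privilege on an access token.
 *
 * hToken          - token opened with at least TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
 * lpszPrivilege   - privilege name (SE_*_NAME constant); callers pass literals,
 *                   so formatting it into `buffer` is bounded in practice
 * bEnablePrivilege- TRUE to enable, FALSE to disable
 *
 * Returns FALSE when the privilege name is unknown, when
 * AdjustTokenPrivileges fails, or when the token does not hold the privilege
 * at all (ERROR_NOT_ALL_ASSIGNED).  Diagnostics go through debug().
 */
BOOL SetPrivilege( HANDLE hToken,          // access token handle
				   LPCTSTR lpszPrivilege,  // name of privilege to enable/disable
				   BOOL bEnablePrivilege ) // TRUE to enable, FALSE to disable
{
	TOKEN_PRIVILEGES tp;
	LUID luid;

	if ( !LookupPrivilegeValue( NULL,          // lookup privilege on local system
								lpszPrivilege, // privilege to lookup
								&luid ) )      // receives LUID of privilege
	{
		/* GetLastError() returns a DWORD (unsigned long), hence %lu. */
		(void) sprintf( buffer, "Privilege: %s: LookupPrivilegeValue error: %lu\n",
						lpszPrivilege, GetLastError( ) );
		debug( buffer );
		return FALSE;
	}

	tp.PrivilegeCount = 1;
	tp.Privileges[0].Luid = luid;
	tp.Privileges[0].Attributes = bEnablePrivilege ? SE_PRIVILEGE_ENABLED : 0;

	/* DisableAllPrivileges is FALSE: only the single entry in tp is touched.
	 * No previous-state buffer is requested. */
	if ( !AdjustTokenPrivileges( hToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES),
								 (PTOKEN_PRIVILEGES) NULL, (PDWORD) NULL ) )
	{
		(void) sprintf( buffer, "Privilege: %s: AdjustTokenPrivileges error: %lu\n",
						lpszPrivilege, GetLastError( ) );
		debug( buffer );
		return FALSE;
	}

	/* AdjustTokenPrivileges() returns TRUE even when the token simply lacks
	 * the privilege; that case is only reported through GetLastError(). */
	if ( GetLastError() == ERROR_NOT_ALL_ASSIGNED )
	{
		(void) sprintf( buffer, "Privilege: %s: The token does not have the specified privilege.\n",
						lpszPrivilege );
		debug( buffer );
		return FALSE;
	}

	return TRUE;
}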

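 /*
 * Log the given user on interactively and load that user's profile.
 *
 * lpszUsername / lpszDomain / lpszPassword - credentials passed to LogonUser
 * lpCommandLine                           - not used in the code visible on
 *                                           this page (see note below)
 *
 * Returns FALSE when LogonUser or LoadUserProfile fails (the failure is
 * logged via debug(); the password is never logged).  Returns TRUE when the
 * profile is loaded.
 *
 * NOTE(review): the listing ends right after LoadUserProfile with no
 * process-creation step, although the name and the lpCommandLine parameter
 * imply one; the page appears truncated -- confirm against the full source.
 * Because the presumed continuation needs them, the logon token and the
 * loaded profile are deliberately left open on the success path; the
 * original also fell off the end of a BOOL function without returning, which
 * is undefined behavior since main() tests the result.
 */
 BOOL StartProcess( LPTSTR lpszUsername,
				   LPTSTR lpszDomain,
				   LPTSTR lpszPassword,
				   LPTSTR lpCommandLine )
{
	HANDLE hToken = NULL;
	PROFILE_INFORMATION profileInformation;
	BOOL bProfileLoaded = FALSE;

	(void) lpCommandLine;   /* unused in the visible portion of the function */

	if ( !LogonUser( lpszUsername, lpszDomain, lpszPassword,
					 LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &hToken ) )
	{
		/* Report like the other failure paths; never echo the password. */
		(void) sprintf( buffer, "LogonUser() failed: LastError: %lu\n", GetLastError( ) );
		debug( buffer );
		return FALSE;
	}

	ZeroMemory( &profileInformation, sizeof( profileInformation ) );
	profileInformation.dwSize = sizeof( profileInformation );
	profileInformation.lpUserName = lpszUsername;
	profileInformation.dwFlags = PI_NOUI;   /* never show UI; may run unattended */

	bProfileLoaded = LoadUserProfile( hToken, &profileInformation );
	if ( !bProfileLoaded )
	{
		(void) sprintf( buffer, "LoadUserProfile() failed: LastError: %lu\n", GetLastError( ) );
		debug( buffer );
		/* Nothing else uses the token on this path; the original leaked it. */
		CloseHandle( hToken );
		return FALSE;
	}

	return bProfileLoaded;
}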

 
