
Got error 1314 when calling SetTokenInformation

#include <windows.h>
#include <stdio.h>
#include <Userenv.h>
#include <Wtsapi32.h>
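/*
 * Reproduction from the question: copy this process's own token, point the
 * copy at the active console session, and start notepad on WinSta0\Default
 * with it. The errNNN lines print GetLastError() after each step.
 *
 * NOTE(review): GetLastError() is only meaningful immediately after a call
 * that reported failure through its return value. None of the return values
 * below are checked, so any errNNN line may show a stale code left by an
 * earlier call rather than the result of the step it follows.
 *
 * NOTE(review): the token handed to CreateProcessAsUser is a copy of this
 * process's token, so the child runs with this process's identity and
 * privileges on the user's desktop. When the goal is to run as the logged-on
 * user, the token returned by WTSQueryUserToken is the lower-privilege choice.
 */
int main(void) {
    DWORD err;

    /* No API has been called yet; this only shows what was already in the
     * thread's last-error slot. */
    err = GetLastError();
    printf("err001:%lu\n", (unsigned long)err);

    HANDLE hTokenThis = NULL;
    HANDLE hTokenDup = NULL;
    HANDLE hThisProcess = GetCurrentProcess();

    /* NOTE(review): TOKEN_DUPLICATE is the access DuplicateTokenEx needs on
     * the source token; TOKEN_ALL_ACCESS requests far more than that. */
    OpenProcessToken(hThisProcess, TOKEN_ALL_ACCESS, &hTokenThis);
    err = GetLastError();
    printf("err002:%lu\n", (unsigned long)err);

    DuplicateTokenEx(hTokenThis, MAXIMUM_ALLOWED, NULL, SecurityIdentification,
                     TokenPrimary, &hTokenDup);
    err = GetLastError();
    printf("err003:%lu\n", (unsigned long)err);

    DWORD dwSessionId = WTSGetActiveConsoleSessionId();

    /* NOTE(review): the second parameter of WTSQueryUserToken is an output
     * PHANDLE, but the handle value itself is passed here. The call also
     * requires running as LocalSystem with SE_TCB_NAME. A corrected call
     * should write into a separate HANDLE variable; writing into hTokenDup
     * would overwrite (and leak) the duplicate created above. */
    WTSQueryUserToken(dwSessionId, hTokenDup);

    /* Setting TokenSessionId requires SE_TCB_NAME to be held and enabled.
     * err004 is read after both WTSQueryUserToken and SetTokenInformation,
     * so the printed code alone does not say which of the two set it. */
    SetTokenInformation(hTokenDup, TokenSessionId, &dwSessionId, sizeof(DWORD));
    err = GetLastError();
    printf("err004:%lu\n", (unsigned long)err);

    /* Writable buffers instead of string literals: the STARTUPINFO field and
     * the command-line parameter are both non-const pointers. */
    char szDesktop[] = "WinSta0\\Default";
    char szCommand[] = "notepad";

    STARTUPINFO si;
    PROCESS_INFORMATION pi;
    ZeroMemory(&si, sizeof(STARTUPINFO));
    ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));
    si.cb = sizeof(STARTUPINFO);
    si.lpDesktop = szDesktop;

    LPVOID pEnv = NULL;
    DWORD dwCreationFlag = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;

    CreateEnvironmentBlock(&pEnv, hTokenDup, FALSE);
    err = GetLastError();
    printf("err005:%lu\n", (unsigned long)err);

    /* NOTE(review): pEnv comes from CreateEnvironmentBlock, which produces a
     * Unicode block; passing it without CREATE_UNICODE_ENVIRONMENT in the
     * creation flags is a likely cause of an invalid-parameter failure here.
     * Confirm against the CreateProcessAsUser documentation. */
    CreateProcessAsUser(
            hTokenDup,
            NULL,
            szCommand,
            NULL,
            NULL,
            FALSE,
            dwCreationFlag,
            pEnv,
            NULL,
            &si,
            &pi);
    printf("here we go\n");
    err = GetLastError();
    printf("err006:%lu\n", (unsigned long)err);

    /* Release what was acquired above. pi was zeroed, so handles that were
     * never filled in are still NULL. */
    if (pi.hThread != NULL) {
        CloseHandle(pi.hThread);
    }
    if (pi.hProcess != NULL) {
        CloseHandle(pi.hProcess);
    }
    if (pEnv != NULL) {
        DestroyEnvironmentBlock(pEnv);
    }
    if (hTokenDup != NULL) {
        CloseHandle(hTokenDup);
    }
    if (hTokenThis != NULL) {
        CloseHandle(hTokenThis);
    }

    return 0;
}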

Compile: gcc -o session.exe session.c c://Windows/System32/kernel32.dll c://Windows/System32/wtsapi32.dll -lUserenv

Running Result:

session.exe
err001:126
err002:126
err003:126
err004:1314
err005:203
here we go
err006:87

gcc version 4.5.2 (GCC) from mingw.

btw, just ignore the error 126.

My question is: why do I get error 1314?

I want to start a program on the interactive desktop from a service, using CreateProcessAsUser, without knowing the logged-on user's name and password.


Error 1314 is "A required privilege is not held by the client".

From the WTSQueryUserToken() docs (http://msdn.microsoft.com/en-us/library/aa383840.aspx):

"To call this function successfully, the calling application must be running within the context of the LocalSystem account and have the SE_TCB_NAME privilege."

Also your call to WTSQueryUserToken() should look like:

WTSQueryUserToken(dwSessionId, &hTokenDup);

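You'll also need the appropriate privileges enabled for SetTokenInformation(): setting TokenSessionId requires SE_TCB_NAME too, and a privilege that is held but disabled must first be enabled with AdjustTokenPrivileges().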

Bottom line is that you're trying to do something that Windows reserves for highly privileged processes, so you'll need to make sure your process is configured to run appropriately (maybe as a service that talks to a regular non-privileged process for user interaction).
