Running a program as another user on Win32

edwardm_painewebber at edwardm_painewebber at
Sat Nov 13 14:18:44 EST 1999

I did not try the code (although I will), I did discover that before
you posted though. I used ntrights.exe (part of the NT Reskit) to grant
myself rights. The problem was I had to log off and on again for the
rights to take affect. This won't work for the application that I was
trying to use the program for. It looks like the security info for a
user is set during logon and not gotten again, at least not until the
next logon. I will try the code attached below once I have some time...

Great product so far Mark! I hope to be able to convince enough people
here to start using python vs. WinBatch. Especially since we can also
run python on our Solaris and AIX boxes (sans Win32 extension of

You know it amazes me....Most of the solaris people use korn shell
scripts, some use perl, the nt people use batch files and winbatch, the
AIX people (well god knows what they use)...If we all used python here
we could build a huge library of utilities and make large parts of it
work cross platform....It would be great......Ahhh..To dream....


In article <e11W3.33036$pf4.31242 at>,
  "Mark Hammond" <mhammond at> wrote:
> emuller at wrote in message <809ea4
$ln$1 at>...
> >I am writing a bunch of scripts that will need to run as
> >(Domain Administrator) on Windows NT 4.0 workstation clients that
> >belong to an NT domain. I've tried using LogonUser, but I always get
> >the following: pywintypes.api_error: (1314, 'LogonUser', ' A required
> >privilege is not held by the client.'). I've also tried using
> >with the local Administrator account on my NT machine with no luck.
> You need to explicitely enable the privilege.  The following function
> do the job.  The documentation on CreateProcessAsUser is vague, and I
> have time to test it.  It appears you need some or all of the
> privileges (all from the ntsecuritycon module):
> def AdjustPrivilege(priv, enable = 1):
>     # Get the process token.
>     htoken = win32security.OpenProcessToken(win32api.GetCurrentProcess
> flags)
>     # Get the ID for the privilege.
>     id = win32security.LookupPrivilegeValue(None, priv)
>     # Now obtain the privilege for this process.
>     # Create a list of the privileges to be added.
>     if enable:
>         newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
>     else:
>         newPrivileges = [(id, 0)]
>     # and make the adjustment.
>     win32security.AdjustTokenPrivileges(htoken, 0, newPrivileges)
> Mark.

Sent via
Before you buy.

More information about the Python-list mailing list