Warning! Newbie issue - Impersonating a user on Win32

Roger Upole rupole at hotmail.com
Thu Jan 16 02:03:50 EST 2003 

The LogonUser works for me on Win2k.
According to the SDK docs, the calling process needs SE_TCB_NAME
and "in some cases" SE_CHANGE_NOTIFY_NAME.  You might want to try
giving yourself both of them before the call.
Also, the 'foo' user needs SE_INTERACTIVE_LOGON_NAME.
   HTH
          Roger

"Doug Glenn" <dglenn at charter.net> wrote in message
news:mailman.1042650398.19724.python-list at python.org...
> Greetings,
>
> I have run into a roadblock and I cannot figure it out :(
> A portion of the following code came from the Python
> cookbook. That code followed verbatim gives me a
> Exception: pywintypes.api_error (1314, 'LogonUser', 'A
> required privilege is not held by the client.'). Poking
> through mail lists gives me a temporary respite. This is
> the AdjustPriviledges() definition.  Then I had to go and
> discover what flags it was expecting. Using any of the
> flags below will result in None being returned, so it
> works... Just how can I use it with the below script? I
> get the error on the a.login() call.  What do I need to
> change to make this work?
>
> The scenario is running this as a normal user and it
> elevate the process priveledge to run a program for the
> user using Admin rights.  It is not allowing the login, so
> it skips the code to run the program.
>
> SE_CREATE_TOKEN_NAME              =
> "SeCreateTokenPrivilege"
> SE_ASSIGNPRIMARYTOKEN_NAME        =
> "SeAssignPrimaryTokenPrivilege"
> SE_LOCK_MEMORY_NAME               =
> "SeLockMemoryPrivilege"
> SE_INCREASE_QUOTA_NAME            =
> "SeIncreaseQuotaPrivilege"
> SE_UNSOLICITED_INPUT_NAME         =
> "SeUnsolicitedInputPrivilege"
> SE_MACHINE_ACCOUNT_NAME           =
> "SeMachineAccountPrivilege"
> SE_TCB_NAME                       = "SeTcbPrivilege"
> SE_SECURITY_NAME                  = "SeSecurityPrivilege"
> SE_TAKE_OWNERSHIP_NAME            =
> "SeTakeOwnershipPrivilege"
> SE_LOAD_DRIVER_NAME               =
> "SeLoadDriverPrivilege"
> SE_SYSTEM_PROFILE_NAME            =
> "SeSystemProfilePrivilege"
> SE_SYSTEMTIME_NAME                =
> "SeSystemtimePrivilege"
> SE_PROF_SINGLE_PROCESS_NAME       =
> "SeProfileSingleProcessPrivilege"
> SE_INC_BASE_PRIORITY_NAME         =
> "SeIncreaseBasePriorityPrivilege"
> SE_CREATE_PAGEFILE_NAME           =
> "SeCreatePagefilePrivilege"
> SE_CREATE_PERMANENT_NAME          =
> "SeCreatePermanentPrivilege"
> SE_BACKUP_NAME                    = "SeBackupPrivilege"
> SE_RESTORE_NAME                   = "SeRestorePrivilege"
> SE_SHUTDOWN_NAME                  = "SeShutdownPrivilege"
> SE_DEBUG_NAME                     = "SeDebugPrivilege"
> SE_AUDIT_NAME                     = "SeAuditPrivilege"
> SE_SYSTEM_ENVIRONMENT_NAME        =
> "SeSystemEnvironmentPrivilege"
> SE_CHANGE_NOTIFY_NAME             =
> "SeChangeNotifyPrivilege"
> SE_REMOTE_SHUTDOWN_NAME           =
> "SeRemoteShutdownPrivilege"
>
>
>
>
>
>
> import os
> import sys
> import win32security
> import win32con
> import win32api
> from ntsecuritycon import *
>
> program="sadmin.exe"
> #domain=os.getenv('COMPUTERNAME')
> domain=None
>
> def AdjustPrivilege(priv, enable = 1):
>      # Get the process token.
>      flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
>      #flags= TOKEN_QUERY
>      htoken =
> win32security.OpenProcessToken(win32api.GetCurrentProcess(),
> flags)
>      # Get the ID for the privilege.
>      id = win32security.LookupPrivilegeValue(None, priv)
>      # Now obtain the privilege for this process.
>      # Create a list of the privileges to be added.
>      if enable:
>          newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
>      else:
>          newPrivileges = [(id, 0)]
>      # and make the adjustment.
>      win32security.AdjustTokenPrivileges(htoken, 0,
> newPrivileges)
>
>
>
> class Impersonate:
>
>      def __init__(self, login, password):
>          self.domain=domain
>          self.login=login
>          self.password=password
>      def logon(self):
>
self.handel=win32security.LogonUser(self.login,self.domain,self.password,win
32con.LOGON32_LOGON_INTERACTIVE,win32con.LOGON32_PROVIDER_DEFAULT)
>          win32security.ImpersonateLoggedOnUser(self.handel)
>      def logoff(self):
>          win32security.RevertToSelf() #terminates
> impersonation
>          self.handel.Close() #guarantees cleanup
>
>
> if __name__ =='__main__':
>      a=Impersonate('foo''bar')
>
>      try:
>          a.logon() #become the user
>          AdjustPrivilege(SE_SYSTEM_PROFILE_NAME)
>
>          try:
>              os.execvp(program)
>              print win32api.GetUserName() #show you're
> someone else
>          finally:
>              a.logoff() #return to normal
>      except:
>              print 'Exception:',sys.exc_type ,
> sys.exc_value
>




-----------== Posted via Newsfeed.Com - Uncensored Usenet News ==----------
   http://www.newsfeed.com       The #1 Newsgroup Service in the World!
-----= Over 100,000 Newsgroups - Unlimited Fast Downloads - 19 Servers =-----

More information about the Python-list mailing list