Warning! Newbie issue - Impersonating a user on Win32
Doug Glenn
dglenn at charter.net
Wed Jan 15 12:01:44 EST 2003
Greetings,
I have run into a roadblock and I cannot figure it out :(
A portion of the following code came from the Python
cookbook. That code, followed verbatim, gives me an
Exception: pywintypes.api_error (1314, 'LogonUser', 'A
required privilege is not held by the client.'). Poking
through mailing lists gave me a temporary respite: the
AdjustPrivilege() definition below. Then I had to go and
discover what flags it was expecting. Using any of the
flags below results in None being returned, so it
works... But how can I use it with the script below? I
get the error on the a.logon() call. What do I need to
change to make this work?
The scenario is running this as a normal user and having it
elevate the process privilege to run a program for the
user using Admin rights. It is not allowing the logon, so
it skips the code to run the program.
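# Win32 privilege names, one assignment per line. In the archived post each
# value had wrapped onto the line after its "=", which is not valid Python.
# These strings are what AdjustPrivilege() hands to LookupPrivilegeValue.
#
# Naming a privilege here does not grant it: a privilege can only be enabled
# on a token that already holds it, so a normal user's process cannot use
# this table to give itself rights the account was never assigned.
#
# NOTE(review): the later `from ntsecuritycon import *` appears to provide the
# same SE_* names, which would make this table redundant - confirm and drop.
SE_CREATE_TOKEN_NAME = "SeCreateTokenPrivilege"
SE_ASSIGNPRIMARYTOKEN_NAME = "SeAssignPrimaryTokenPrivilege"
SE_LOCK_MEMORY_NAME = "SeLockMemoryPrivilege"
SE_INCREASE_QUOTA_NAME = "SeIncreaseQuotaPrivilege"
SE_UNSOLICITED_INPUT_NAME = "SeUnsolicitedInputPrivilege"
SE_MACHINE_ACCOUNT_NAME = "SeMachineAccountPrivilege"
# "Act as part of the operating system". Per the Win32 documentation this is
# the privilege LogonUser requires of its caller on Windows 2000, which matches
# the error 1314 quoted in the post.
SE_TCB_NAME = "SeTcbPrivilege"
SE_SECURITY_NAME = "SeSecurityPrivilege"
SE_TAKE_OWNERSHIP_NAME = "SeTakeOwnershipPrivilege"
SE_LOAD_DRIVER_NAME = "SeLoadDriverPrivilege"
SE_SYSTEM_PROFILE_NAME = "SeSystemProfilePrivilege"
SE_SYSTEMTIME_NAME = "SeSystemtimePrivilege"
SE_PROF_SINGLE_PROCESS_NAME = "SeProfileSingleProcessPrivilege"
SE_INC_BASE_PRIORITY_NAME = "SeIncreaseBasePriorityPrivilege"
SE_CREATE_PAGEFILE_NAME = "SeCreatePagefilePrivilege"
SE_CREATE_PERMANENT_NAME = "SeCreatePermanentPrivilege"
SE_BACKUP_NAME = "SeBackupPrivilege"
SE_RESTORE_NAME = "SeRestorePrivilege"
SE_SHUTDOWN_NAME = "SeShutdownPrivilege"
SE_DEBUG_NAME = "SeDebugPrivilege"
SE_AUDIT_NAME = "SeAuditPrivilege"
SE_SYSTEM_ENVIRONMENT_NAME = "SeSystemEnvironmentPrivilege"
SE_CHANGE_NOTIFY_NAME = "SeChangeNotifyPrivilege"
SE_REMOTE_SHUTDOWN_NAME = "SeRemoteShutdownPrivilege"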
import os
import sys
import win32security
import win32con
import win32api
from ntsecuritycon import *
# Executable that the __main__ section hands to os.execvp.
# NOTE(review): a bare file name is resolved through the search path, so which
# binary actually starts depends on PATH; an absolute path would pin it -
# confirm intent.
program = "sadmin.exe"
# Impersonate copies this value and passes it to LogonUser as the domain
# argument. An earlier variant used os.getenv('COMPUTERNAME') instead of None.
domain = None
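def AdjustPrivilege(priv, enable = 1):
    """Enable or disable one privilege on the current process token.

    priv   -- privilege name string such as SE_TCB_NAME.
    enable -- true to set SE_PRIVILEGE_ENABLED, false to clear it.

    Returns None. Errors from the win32security calls propagate unchanged.

    This toggles a privilege the token already holds; it cannot add one the
    account was never assigned. The underlying Win32 AdjustTokenPrivileges
    call reports success even when the requested privilege is absent from the
    token (last error ERROR_NOT_ALL_ASSIGNED), so a None return here is not
    proof that the privilege is now enabled.
    NOTE(review): confirm how the installed pywin32 surfaces that condition
    and check for it before relying on the privilege.
    """
    # Open the process token with just the rights needed to query and adjust.
    access = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY
    htoken = win32security.OpenProcessToken(win32api.GetCurrentProcess(),
                                            access)
    try:
        # Translate the privilege name into its local identifier. The original
        # stored this in `id`, shadowing the builtin.
        luid = win32security.LookupPrivilegeValue(None, priv)
        if enable:
            attributes = SE_PRIVILEGE_ENABLED
        else:
            attributes = 0
        # Second argument 0: do not disable all other privileges.
        win32security.AdjustTokenPrivileges(htoken, 0, [(luid, attributes)])
    finally:
        # Release the token handle deterministically instead of leaving it to
        # garbage collection.
        htoken.Close()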
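class Impersonate:
    """Log a user on with LogonUser and impersonate them on this thread.

    The domain is taken from the module-level `domain` variable when the
    object is created. The password is kept as a plain attribute for the
    lifetime of the object.

    Per the Win32 documentation, on Windows 2000 the caller of LogonUser must
    hold SeTcbPrivilege; without it the call fails with error 1314, the error
    quoted in the post. NOTE(review): verify against the target Windows
    version and the rights of the calling account.
    """

    def __init__(self, login, password):
        self.domain = domain
        self.login = login
        self.password = password
        # No token yet; lets logoff() run safely before or after a failed
        # logon(). Attribute name kept as spelled in the original.
        self.handel = None

    def logon(self):
        """Obtain a logon token for the user and start impersonating it.

        Raises whatever win32security.LogonUser or ImpersonateLoggedOnUser
        raise; if the second call fails the token stays in self.handel so
        logoff() can still close it.
        """
        self.handel = win32security.LogonUser(
            self.login,
            self.domain,
            self.password,
            win32con.LOGON32_LOGON_INTERACTIVE,
            win32con.LOGON32_PROVIDER_DEFAULT)
        win32security.ImpersonateLoggedOnUser(self.handel)

    def logoff(self):
        """Stop impersonating and close the logon token, if one was obtained."""
        try:
            win32security.RevertToSelf()  # terminates impersonation
        finally:
            # Close the token even if RevertToSelf raised, and only once.
            if self.handel is not None:
                self.handel.Close()  # guarantees cleanup
                self.handel = None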
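if __name__ == '__main__':
    # 'foo' and 'bar' are the post's placeholder login and password; real
    # credentials should not be embedded in source. The original wrote
    # 'foo''bar', which Python joins into one string, so the password argument
    # was missing.
    a = Impersonate('foo', 'bar')
    try:
        a.logon()  # become the user
        # NOTE(review): this runs after the logon it was meant to unblock, and
        # it names the system-profile privilege rather than the one LogonUser
        # is documented to need (SE_TCB_NAME on Windows 2000). Enabling only
        # succeeds for privileges the account already holds - confirm which
        # privilege and which account are intended.
        AdjustPrivilege(SE_SYSTEM_PROFILE_NAME)
        try:
            # Printed before the exec call: nothing after a successful exec
            # runs in this process.
            print(win32api.GetUserName())  # show you're someone else
            # NOTE(review): impersonation changes the identity of the calling
            # thread; a process started from here is normally created with the
            # process token, not the impersonated one, so `program` may still
            # run as the original user - verify.
            # os.execvp needs the argument list as well as the file name.
            os.execvp(program, [program])
        finally:
            a.logoff()  # return to normal
    except Exception:
        # Same text as the original report, without the removed
        # sys.exc_type / sys.exc_value globals.
        print('Exception: %s %s' % sys.exc_info()[:2])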