D
Darrell
On windows 2000 I tried to use winprocess.py with the login option.
In an effort to run as a diffrent user.
It didn't work and lots of searching didn't help.
This was my best hit.
http://www.faqts.com/knowledge_base/view.phtml/aid/4466
Worked around the problem using runas.exe
This is as far as I got.
The following code tries to give me every Privilege it can then fails.
pywintypes.error: (1314, 'LogonUser', 'A required privilege is not
held by the client.')
--Darrell
import win32con, os, sys
sys.path.append(os.sep.join(win32con.__file__.split(os.sep)[:-2])+os.sep+"demos")
import winprocess
from ntsecuritycon import *
import ntsecuritycon, win32security, win32api
def AdjustPrivilege(priv, enable = 1):
print priv
# Get the process token.
flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY |TOKEN_DUPLICATE|
TOKEN_IMPERSONATE
#flags= TOKEN_QUERY
htoken = win32security.OpenProcessToken(win32api.GetCurrentProcess(),
flags)
# Get the ID for the privilege.
try:
id = win32security.LookupPrivilegeValue(None, priv)
except:
print 'Fail'
return
# Now obtain the privilege for this process.
# Create a list of the privileges to be added.
if enable:
newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
else:
newPrivileges = [(id, 0)]
# and make the adjustment.
win32security.AdjustTokenPrivileges(htoken, 0, newPrivileges)
# now set the rights
if 1:
for k, v in ntsecuritycon.__dict__.items():
if k.find("SE_")==0 and isinstance(v, str):
print k,
AdjustPrivilege(v)
AdjustPrivilege(SE_CHANGE_NOTIFY_NAME)
AdjustPrivilege(SE_TCB_NAME)
AdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME)
SE_INTERACTIVE_LOGON_NAME = "SeInteractiveLogonRight"
#AdjustPrivilege(SE_INTERACTIVE_LOGON_NAME)
if __name__ == '__main__':
# Pipe commands to a shell and display the output in notepad
print 'Testing winprocess.py...'
import tempfile
timeoutSeconds = 15
cmdString = """\
REM Test of winprocess.py piping commands to a shell.\r
REM This window will close in %d seconds.\r
vol\r
net user\r
_this_is_a_test_of_stderr_\r
""" % timeoutSeconds
cmd, out = tempfile.TemporaryFile(), tempfile.TemporaryFile()
cmd.write(cmdString)
cmd.seek(0)
print 'CMD.EXE exit code:', winprocess.run('cmd.exe', show=0,
stdin=cmd, login=".\nuser\nuser1",#administrator\n",
stdout=out, stderr=out)
cmd.close()
print 'NOTEPAD exit code:', winprocess.run('notepad.exe %s' %
out.file.name,
show=win32con.SW_MAXIMIZE,
mSec=timeoutSeconds*1000)
out.close()
In an effort to run as a diffrent user.
It didn't work and lots of searching didn't help.
This was my best hit.
http://www.faqts.com/knowledge_base/view.phtml/aid/4466
Worked around the problem using runas.exe
This is as far as I got.
The following code tries to give me every Privilege it can then fails.
pywintypes.error: (1314, 'LogonUser', 'A required privilege is not
held by the client.')
--Darrell
import win32con, os, sys
sys.path.append(os.sep.join(win32con.__file__.split(os.sep)[:-2])+os.sep+"demos")
import winprocess
from ntsecuritycon import *
import ntsecuritycon, win32security, win32api
def AdjustPrivilege(priv, enable = 1):
print priv
# Get the process token.
flags = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY |TOKEN_DUPLICATE|
TOKEN_IMPERSONATE
#flags= TOKEN_QUERY
htoken = win32security.OpenProcessToken(win32api.GetCurrentProcess(),
flags)
# Get the ID for the privilege.
try:
id = win32security.LookupPrivilegeValue(None, priv)
except:
print 'Fail'
return
# Now obtain the privilege for this process.
# Create a list of the privileges to be added.
if enable:
newPrivileges = [(id, SE_PRIVILEGE_ENABLED)]
else:
newPrivileges = [(id, 0)]
# and make the adjustment.
win32security.AdjustTokenPrivileges(htoken, 0, newPrivileges)
# now set the rights
if 1:
for k, v in ntsecuritycon.__dict__.items():
if k.find("SE_")==0 and isinstance(v, str):
print k,
AdjustPrivilege(v)
AdjustPrivilege(SE_CHANGE_NOTIFY_NAME)
AdjustPrivilege(SE_TCB_NAME)
AdjustPrivilege(SE_ASSIGNPRIMARYTOKEN_NAME)
SE_INTERACTIVE_LOGON_NAME = "SeInteractiveLogonRight"
#AdjustPrivilege(SE_INTERACTIVE_LOGON_NAME)
if __name__ == '__main__':
# Pipe commands to a shell and display the output in notepad
print 'Testing winprocess.py...'
import tempfile
timeoutSeconds = 15
cmdString = """\
REM Test of winprocess.py piping commands to a shell.\r
REM This window will close in %d seconds.\r
vol\r
net user\r
_this_is_a_test_of_stderr_\r
""" % timeoutSeconds
cmd, out = tempfile.TemporaryFile(), tempfile.TemporaryFile()
cmd.write(cmdString)
cmd.seek(0)
print 'CMD.EXE exit code:', winprocess.run('cmd.exe', show=0,
stdin=cmd, login=".\nuser\nuser1",#administrator\n",
stdout=out, stderr=out)
cmd.close()
print 'NOTEPAD exit code:', winprocess.run('notepad.exe %s' %
out.file.name,
show=win32con.SW_MAXIMIZE,
mSec=timeoutSeconds*1000)
out.close()