標籤:總結 電腦配置 apr debug store ntp 使用者權限 page nat
很多部落格都有記載如何在session0下建立進程的辦法,也就是使用CreateProcessAsUser。但是這個要求服務的進程有SE_INCREASE_QUOTA_NAME和SE_ASSIGNPRIMARYTOKEN_NAME許可權。如果設定的登入使用者是LocalServer的話,是預設有以上兩個許可權。但是如果是自己建立的賬戶,那麼是不具有SE_ASSIGNPRIMARYTOKEN_NAME的許可權。
查看使用者的許可權可以通過gpedit.msc工具中,在“電腦配置”-- “Windows設定” -- “安全設定” -- “本地策略” -- “使用者權限分配”中查看。或者通過secedit.exe匯出本地策略。
手動可以通過以上的方法設定,但是通過程式,在登入賬戶下的進程是無法設定。但是可以使用secedit.exe進行匯出匯入進行設定。匯出的資訊包括以下一部分:
1 [Privilege Rights] 2 SeNetworkLogonRight = *S-1-1-0,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551,*S-1-5-32-581 3 SeBackupPrivilege = *S-1-5-32-544,*S-1-5-32-551 4 SeChangeNotifyPrivilege = *S-1-1-0,*S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551 5 SeSystemtimePrivilege = *S-1-5-19,*S-1-5-32-544 6 SeCreatePagefilePrivilege = *S-1-5-32-544 7 SeDebugPrivilege = *S-1-5-32-544 8 SeRemoteShutdownPrivilege = *S-1-5-32-544 9 SeAuditPrivilege = *S-1-5-19,*S-1-5-20 10 SeIncreaseQuotaPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544 11 SeIncreaseBasePriorityPrivilege = *S-1-5-32-544 12 SeLoadDriverPrivilege = *S-1-5-32-544 13 SeBatchLogonRight = *S-1-5-32-544,*S-1-5-32-551,*S-1-5-32-559 14 SeServiceLogonRight = *S-1-5-20,*S-1-5-80-0,*S-1-5-83-0 15 SeInteractiveLogonRight = __vmware__,Guest,*S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551,*S-1-5-32-581 16 SeSecurityPrivilege = *S-1-5-32-544 17 SeSystemEnvironmentPrivilege = *S-1-5-32-544 18 SeProfileSingleProcessPrivilege = *S-1-5-32-544 19 SeSystemProfilePrivilege = *S-1-5-32-544,*S-1-5-80-3139157870-2983391045-3678747466-658725712-1809340420 20 SeAssignPrimaryTokenPrivilege = *S-1-5-19,*S-1-5-20 21 SeRestorePrivilege = *S-1-5-32-544,*S-1-5-32-551 22 SeShutdownPrivilege = *S-1-5-32-544,*S-1-5-32-545,*S-1-5-32-551 23 SeTakeOwnershipPrivilege = *S-1-5-32-544 24 SeDenyNetworkLogonRight = Guest 25 SeDenyInteractiveLogonRight = Guest 26 SeUndockPrivilege = *S-1-5-32-544,*S-1-5-32-545 27 SeManageVolumePrivilege = *S-1-5-32-544 28 SeRemoteInteractiveLogonRight = *S-1-5-32-544,*S-1-5-32-555 29 SeImpersonatePrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-6 30 SeCreateGlobalPrivilege = *S-1-5-19,*S-1-5-20,*S-1-5-32-544,*S-1-5-6 31 SeIncreaseWorkingSetPrivilege = *S-1-5-32-545 32 SeTimeZonePrivilege = *S-1-5-19,*S-1-5-32-544,*S-1-5-32-545 33 SeCreateSymbolicLinkPrivilege = *S-1-5-32-544,*S-1-5-83-0 34
使用賬戶的SID,更新到SeAssignPrimaryTokenPrivilege欄位,該使用者即可擁有了SE_ASSIGNPRIMARYTOKEN_NAME許可權。擷取SID可以通過LookupAccountName函數。
整個過程總結一下:
第一步:使用LookupAccountName,通過服務登入賬戶名,擷取該賬戶的SID;
第二步:secedit.exe匯出本地策略,將第一步擷取的SID更新到SeAssignPrimaryTokenPrivilege欄位;
第三步:使用secedit.exe,將新的設定檔匯入到系統;
第四步:重啟電腦;
第五步:在服務進程中,使用CreateProcessAsUser進行子進程的建立。
Windows平台下的session0建立進程的問題與解決辦法
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
