With Isolation, one thing I would note is that CREATE_NO_WINDOW may be the new requirement.
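''' <summary>
''' Starts <paramref name="ProcessName"/> under the token of the active console session's user.
''' If no token can be obtained for the console session, it is started once for every
''' session whose station name begins with "RDP-Tcp".
''' </summary>
''' <param name="ProcessName">
''' Program to start; handed unchanged to LaunchProcessAsUser. Callers should pass a fully
''' qualified path they control: the value reaches CreateProcessAsUser as-is.
''' </param>
''' <remarks>
''' NOTE(review): WTSQueryUserToken normally succeeds only for a highly privileged caller
''' (typically a service); confirm the account this code runs under.
''' </remarks>
Public Sub StartLockProcess(ByVal ProcessName As String)
    Dim userToken As IntPtr = IntPtr.Zero

    ' The token from WTSQueryUserToken is passed straight to CreateProcessAsUser.
    ' The previous DuplicateTokenEx call was given a zero source handle, so it could never
    ' succeed, and the "is administrator"/name values it fed were never read. It is removed
    ' rather than repaired so that no extra token handle is created and left open.
    If WTSQueryUserToken(WTSGetActiveConsoleSessionId, userToken) Then
        LaunchAndReleaseToken(ProcessName, userToken)
    Else
        Dim SessionForRDP() As strSessionsInfo = GetSessions(Nothing)
        If SessionForRDP Is Nothing Then Return

        ' Fallback: every matching remote session gets its own instance of the process.
        For Each MySession As strSessionsInfo In SessionForRDP
            If MySession.StationName.ToString.StartsWith("RDP-Tcp") Then
                userToken = IntPtr.Zero
                If WTSQueryUserToken(MySession.SessionID, userToken) Then
                    LaunchAndReleaseToken(ProcessName, userToken)
                End If
            End If
        Next
    End If
End Sub

''' <summary>
''' Launches the process on "Winsta0\default" with the given user token and always closes
''' the token afterwards, including when the launch throws.
''' </summary>
Private Sub LaunchAndReleaseToken(ByVal ProcessName As String, ByVal userToken As IntPtr)
    Try
        ' "WinSta0\WinLogon" was the commented-out alternative desktop in the original.
        LaunchProcessAsUser(ProcessName, userToken, IntPtr.Zero, "Winsta0\default")
    Finally
        CloseHandle(userToken)
    End Try
End Sub

''' <summary>
''' Creates a hidden, window-less process under <paramref name="token"/> on the desktop
''' named by <paramref name="WinSta"/>.
''' </summary>
''' <param name="cmdLine">Passed as the second argument of CreateProcessAsUser.</param>
''' <param name="token">User token for the new process; the caller keeps ownership and closes it.</param>
''' <param name="envBlock">
''' Environment block pointer, forwarded unchanged. NOTE(review): with IntPtr.Zero the child
''' presumably inherits this process's environment rather than the user's; if the user's
''' environment is required, build one (CreateEnvironmentBlock) and add
''' CREATE_UNICODE_ENVIRONMENT to the creation flags.
''' </param>
''' <param name="WinSta">Window station and desktop, "Winsta0\default" by default.</param>
''' <returns>True when CreateProcessAsUser reported success, otherwise False.</returns>
Public Function LaunchProcessAsUser(ByVal cmdLine As String, ByVal token As IntPtr, ByVal envBlock As IntPtr, Optional ByVal WinSta As String = "Winsta0\default") As Boolean
    Dim result As Boolean = False
    Dim pi As PROCESS_INFORMATION = New PROCESS_INFORMATION
    Dim saProcess As SECURITY_ATTRIBUTES = New SECURITY_ATTRIBUTES
    Dim saThread As SECURITY_ATTRIBUTES = New SECURITY_ATTRIBUTES
    saProcess.nLength = Convert.ToUInt32(Marshal.SizeOf(saProcess))
    saThread.nLength = Convert.ToUInt32(Marshal.SizeOf(saThread))

    Dim si As STARTUPINFO = New STARTUPINFO
    si.cb = Convert.ToUInt32(Marshal.SizeOf(si))
    si.lpDesktop = WinSta
    si.dwFlags = Convert.ToUInt32(STARTF_USESHOWWINDOW Or STARTF_FORCEONFEEDBACK)
    si.wShowWindow = SW_HIDE ' Windows 10 requires hide (was SW_SHOW)

    Try
        ' Handle inheritance is off (False), so the child does not receive this
        ' process's open handles.
        result = CreateProcessAsUser(token, cmdLine, Nothing, saProcess, saThread, False, CreateProcessFlags.CREATE_NO_WINDOW, envBlock, Nothing, si, pi)
        If result = False Then
            ' Read the error code before any other call can overwrite it.
            ' NOTE(review): only meaningful if the CreateProcessAsUser declaration
            ' sets SetLastError:=True; confirm.
            Dim Myerror As Integer = Marshal.GetLastWin32Error
            Dim message As String = String.Format("CreateProcessAsUser Error: {0}", Myerror)
            Debug.WriteLine(message)
        Else
            ' The process and thread handles returned on success are not used here;
            ' close them so each launch does not leak two handles.
            ' Field names assume PROCESS_INFORMATION mirrors the Win32 layout.
            If pi.hThread <> IntPtr.Zero Then CloseHandle(pi.hThread)
            If pi.hProcess <> IntPtr.Zero Then CloseHandle(pi.hProcess)
        End If
    Catch ex As Exception
        ' Best effort: a failed launch is reported through the False return value.
        Debug.WriteLine(ex.Message)
    End Try
    Return result
End Function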