perlquestion
stringZ
Hey there,
<p>Does anyone know if there's a library or tool which could create a process as a normal user that has empty password. The situation is the following. My application runs with full administrative credentials (as a Windows service) under a LUA-enabled Windows 7. There are normal users (with limited rights) who are logged on locally (has their desktop shown), they can open applications (run processes) by double-clicking icons or from the command-line. I would like my service to create a process impersonating one of these logged on users. These users don't and won't have password, so <b>Win32::AdminMisc::CreateProcessAsUser()</b> is not an option since it requires <b>LogonAsUser()</b> which fails to impersonate a user with empty password. Running an application as a different user is also impossible with the command-line tool <b>RUNAS</b>. I understand this is for security reasons, but a network service should be able to somehow bypass this. So I'm looking for a solution similar to the <b>su</b> (or <b>login -f</b>) command under Linux. It doesn't require a password if you're root. My network service has elevated rights over the normal users I want it to impersonate.<br>Is there any solution or API call?</p>
<p>I have <a href="http://www.perlmonks.org/?node_id=932777" target="_blank">an older thread</a> in which I asked about creating a process with elevated privileges using the Windows API.<br>
One of the answers I got suggested using <b>Win32::FileOp::ShellExecute()</b>. Its syntax is the following:</p>
<code>
Win32::FileOp::ShellExecute( runas => 'theProgram.exe' )
</code>
<p>You can replace the string <b>runas</b> by <b>open</b>, in this case it won't elevate, but run <i>theProgram.exe</i> as the current user. <a href="http://www.perlmonks.org/?node_id=932840" target="_blank">Jenda, who wrote me this answer</a>, noted that I can use <b>runasuser</b> instead of <b>runas</b>, but I don't understand how it would fit in this syntax. Is it possible with ShellExecute()?</p>
<p>If there is no solution with my configuration, is there any if I disable LUA (still need to run as another user)?</p>
<p>Thank you,<br>
stringZ</p>