|
|
|
date: Thu, 24 Nov 2005 06:50:25 +0300,
group: microsoft.public.platformsdk.com_ole
back
Impersonation & ROT
Hello,
I want to run program under User1 and to enumerate objects registered in ROT
for User2. I use LogonUser/ImpersonateLoggedOnUser. All is ok if I run code
from a stand-alone executable. The problems occure in such situation:
I have COM object (DLL) with method TestDumpROT. I instantiate this object
in VB6 executable (started under User1), and call TestDumpROT (that in turn
calls dumpROT). But instead of expected User2 ROT I see User1 ROT :-(
Both LogonUser and ImpersonateLoggedOnUser succeeds, so I cann't figure out
why this is happen. Any help will be very appreciated !!!
Here is my code:
= = = = COM Object = = = =
// This will be called under User1
HRESULT TestObject::TestDumpROT()
{
dumpROT(); // User2 credentials hardcoded in DumpROTThreadProc
return S_OK;
}
= = = = Utility Functions = = = =
HRESULT TraceROT()
{
//
// Get the ROT interface pointer
//
IRunningObjectTable * pROT;
HRESULT hr = GetRunningObjectTable( 0, & pROT );
if(FAILED(hr)) {
return hr;
}
//
// Enumerate registered Objects
//
IEnumMoniker * pEnum;
hr = pROT->EnumRunning( &pEnum );
if(FAILED(hr)) {
return hr;
}
//
// Loop throught the ROT entries
//
BSTR curName;
IMalloc * pMalloc;
CoGetMalloc(1, & pMalloc);
INT nItem = 0;
IMoniker* pMoniker = NULL;
while ( S_OK == pEnum->Next(1, & pMoniker, NULL) && pMoniker != NULL)
{
IBindCtx * pContext;
hr = CreateBindCtx( 0, &pContext );
if ( SUCCEEDED(hr) ) {
// Get the display name
WCHAR* wsCurName = NULL;
hr = pMoniker->GetDisplayName( pContext,
NULL, &wsCurName );
curName = wsCurName;
// Add into the list
Trace("[ROT] %d, %S", nItem, wsCurName);
nItem++;
pMalloc->Free(wsCurName);
pContext->Release();
pContext = NULL;
pMoniker->Release();
pMoniker = NULL;
}
}
pMalloc->Release();
pMalloc = NULL;
pEnum->Release();
pEnum = NULL;
pROT->Release();
pROT = NULL;
return hr;
}
DWORD WINAPI DumpROTThreadProc(LPVOID lpParameter)
{
CoInitialize(0);
LPCTSTR szUserName = "User2";
LPCTSTR szDomain = "Domain";
LPCTSTR szPassword = "User2Password";
HANDLE htok = 0;
if ( !LogonUser( szUserName, szDomain, szPassword,
LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &htok ) )
{
return 0;
}
if ( ImpersonateLoggedOnUser( htok ) )
{
TraceROT();
}
CloseHandle(htok);
RevertToSelf();
CoUninitialize();
return 0;
}
void dumpROT() {
DWORD tid;
CreateThread(
NULL,
0,
DumpROTThreadProc,
0,
0,
& tid
);
}
= = = = =
Thank you for your time !!!
- Alex.
date: Thu, 24 Nov 2005 06:50:25 +0300
author: Alex
Re: Impersonation & ROT
I thought that the Running Object Table (ROT) is global to the machine and
lists all registered objects, not just those created by a particular user. I
certainly see no mention that the user matters in any of the COM
documentation. Do you? What makes you think the user matters?
Paul
"Alex" wrote in message
news:eyk05oK8FHA.3804@TK2MSFTNGP12.phx.gbl...
> Hello,
>
> I want to run program under User1 and to enumerate objects registered in
> ROT
> for User2. I use LogonUser/ImpersonateLoggedOnUser. All is ok if I run
> code
> from a stand-alone executable. The problems occure in such situation:
>
> I have COM object (DLL) with method TestDumpROT. I instantiate this object
> in VB6 executable (started under User1), and call TestDumpROT (that in
> turn
> calls dumpROT). But instead of expected User2 ROT I see User1 ROT :-(
>
> Both LogonUser and ImpersonateLoggedOnUser succeeds, so I cann't figure
> out
> why this is happen. Any help will be very appreciated !!!
>
> Here is my code:
>
> = = = = COM Object = = = =
>
> // This will be called under User1
> HRESULT TestObject::TestDumpROT()
> {
> dumpROT(); // User2 credentials hardcoded in DumpROTThreadProc
>
> return S_OK;
> }
>
> = = = = Utility Functions = = = =
>
> HRESULT TraceROT()
> {
> //
> // Get the ROT interface pointer
> //
> IRunningObjectTable * pROT;
> HRESULT hr = GetRunningObjectTable( 0, & pROT );
> if(FAILED(hr)) {
> return hr;
> }
>
>
> //
> // Enumerate registered Objects
> //
> IEnumMoniker * pEnum;
> hr = pROT->EnumRunning( &pEnum );
> if(FAILED(hr)) {
> return hr;
> }
>
>
> //
> // Loop throught the ROT entries
> //
> BSTR curName;
>
> IMalloc * pMalloc;
> CoGetMalloc(1, & pMalloc);
>
>
> INT nItem = 0;
> IMoniker* pMoniker = NULL;
> while ( S_OK == pEnum->Next(1, & pMoniker, NULL) && pMoniker != NULL)
> {
> IBindCtx * pContext;
> hr = CreateBindCtx( 0, &pContext );
>
> if ( SUCCEEDED(hr) ) {
> // Get the display name
> WCHAR* wsCurName = NULL;
>
> hr = pMoniker->GetDisplayName( pContext,
> NULL, &wsCurName );
>
> curName = wsCurName;
>
> // Add into the list
> Trace("[ROT] %d, %S", nItem, wsCurName);
> nItem++;
>
> pMalloc->Free(wsCurName);
>
> pContext->Release();
> pContext = NULL;
>
> pMoniker->Release();
> pMoniker = NULL;
> }
> }
>
> pMalloc->Release();
> pMalloc = NULL;
>
> pEnum->Release();
> pEnum = NULL;
>
> pROT->Release();
> pROT = NULL;
>
> return hr;
> }
>
> DWORD WINAPI DumpROTThreadProc(LPVOID lpParameter)
> {
> CoInitialize(0);
>
>
> LPCTSTR szUserName = "User2";
> LPCTSTR szDomain = "Domain";
> LPCTSTR szPassword = "User2Password";
>
> HANDLE htok = 0;
> if ( !LogonUser( szUserName, szDomain, szPassword,
> LOGON32_LOGON_INTERACTIVE, LOGON32_PROVIDER_DEFAULT, &htok ) )
> {
> return 0;
> }
>
> if ( ImpersonateLoggedOnUser( htok ) )
> {
> TraceROT();
> }
>
> CloseHandle(htok);
> RevertToSelf();
>
> CoUninitialize();
>
> return 0;
> }
>
> void dumpROT() {
> DWORD tid;
>
> CreateThread(
> NULL,
> 0,
> DumpROTThreadProc,
> 0,
> 0,
> & tid
> );
> }
>
> = = = = =
>
> Thank you for your time !!!
>
> - Alex.
>
>
>
date: Sat, 26 Nov 2005 21:40:37 -0500
author: Paul Baker
|
|
