I have a windows service runs under "LocalSystem" account.
What i can do with this service:
I can get active user token and start a new process to user session interactively by using CreateProcessAsUser.
I can get another user token by LogonUser api, and start a new process by that user. (I know username and password of that account). Its background process running as my test user (not interactive)
I need to replace logged on user by another user that i have credentials of it. I need to switch accounts programmatically.
Can I switch to new user session (with desktop) as interactive? I have that user's username and password.
Purpose i need to do this;
I have a shared user account that is administrator in some test computers. I dont want to share account password of that user account with testers using test computers. I need them to login to their self accounts that are not administrator, after logon i will need to replace user with my shared user with my windows service.
Is this technically possible? Where should i start?
CodePudding user response:
I could switch accounts with or without password using WTSConnectSession. If someone curious about fast switching sessions below is the code runs under windows service (LocalSystem);
[DllImport("wtsapi32.dll", CharSet = CharSet.Auto, SetLastError = true)]
public static extern int WTSConnectSession(int targetSessionId, int sourceSessionId, string password, bool wait);
WTSConnectSession([TargetSessionId], [CurrentActiveSessionId], "", true);
You can enumerate sessions with;
[DllImport("wtsapi32.dll", SetLastError = true)]
public static extern bool WTSEnumerateSessions(IntPtr hServer, int Reserved, int Version, out IntPtr ppSessionInfo, out int pCount);