I have an application running as a regular user and a service running as a local system. I want the application to be able to tell the service to restart the application as soon as the service has completed some other actions. (Thus, the application will not work until the service does this βthing.β) For the service to be able to run the application as the user who first launched it, it needs a user token. The application sends a token to the service before it shuts down, but the token / handle is invalid when the service tries to use it. (The first thing he does is DuplicateTokenEx get the primary token.)
Is a user token always valid only in a process called OpenProcessToken?
Is there any other way to do this? I do not want the user to "log in" to the application using logonuser. That would be just stupid. I think I could pass the process descriptor for "explorer.exe" from the application to the service, which the service could use to get the user token, but this would require the PROCESS DUP HANDLE access right. I am not happy with this decision, but maybe this is the way to do it?
source
share