Reputation: 8213
System.Management.ManagementException: "Privilege not held." When trying to Shutdown Windows 7 in C# 4.0 using WMI
I have a program with some legacy code that does the following to shutdown windows:
ManagementClass mc = new ManagementClass( "Win32_OperatingSystem" );
mc.Get();
mc.Scope.Options.EnablePrivileges = true;
ManagementBaseObject mboShutdown = mc.GetMethodParameters( "Win32Shutdown" );
mboShutdown["Flags"] = "5"; // shutdown + force
mboShutdown["Reserved"] = "0";
foreach( ManagementObject mbo in mc.GetInstances() )
{
mbo.InvokeMethod( "Win32Shutdown", mboShutdown, null );
}
It was a .NET 3.5 application, and it was working without a problem. Recently, a dependency upgrade required bumping the target framework to 4.0 client profile. Now, whenever the code runs, I am getting the following exception:
System.Management.ManagementException: "Privilege not held."
The application is running under an Admin account on Windows 7, and nothing has changed other than updating this software.
The only information I have been able to find while searching for a solution was some very old bug reports about .NET 1.1, and the following thread on msdn that was never answered: http://social.msdn.microsoft.com/Forums/vstudio/en-US/fa0bcae5-6f30-42b6-bb5f-b8a6edb88ac4/encountered-privillege-not-held-exception-when-rebooting-the-server-in-net40-framewrk
Does anyone know what the cause of this issue is? Do I need to stop using WMI and just PInvoke InitiateSystemShutdownEx or something similar?
Upvotes: 2
Views: 3379
Answers (2)
Reputation: 5257
After you apply the April 2017 security updates described in Microsoft security update guidance CVE-2017-0160, the PowerShell v3.0+ stop-computer command fails. Additionally, if applications use power management methods, such as shutdown or reboot, from the Win32_OperatingSystem class and set the EnablePrivileges attribute to true, they may observe the same failure. A "Privilege not held" error message is returned.
Customer applications using power management methods, such as shutdown or reboot, from the Win32_OperatingSystem class and set the EnablePrivileges attribute to true, may observe the same “Privilege not held” error.
Example 2 (C# code) returns “Privilege not held” error:
[STAThread]
static void Main(string[] args)
{
ManagementClass mgmtObject = new ManagementClass("Win32_OperatingSystem");
foreach (ManagementObject iterMgmtObject in mgmtObject.GetInstances())
{
iterMgmtObject.Scope.Options.EnablePrivileges = true;
iterMgmtObject.InvokeMethod("Reboot", null, null);
}
}
To resolve this problem, install the update your system. More in the article.
Upvotes: 0
Reputation: 8213
Ok, so it probably has to do with SE_SHUTDOWN_NAME privilege. I'm not sure why it was working under .NET 3.5 and not .NET 4.0, but the following workaround works:
[StructLayout( LayoutKind.Sequential, Pack = 1 )]
internal struct TokPriv1Luid
{
public int Count;
public long Luid;
public int Attr;
}
[DllImport( "kernel32.dll", ExactSpelling = true )]
internal static extern IntPtr GetCurrentProcess();
[DllImport( "advapi32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool OpenProcessToken( IntPtr h, int acc, ref IntPtr phtok );
[DllImport( "advapi32.dll", SetLastError = true )]
internal static extern bool LookupPrivilegeValue( string host, string name, ref long pluid );
[DllImport( "advapi32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool AdjustTokenPrivileges( IntPtr htok, bool disall, ref TokPriv1Luid newst, int len, IntPtr prev, IntPtr relen );
[DllImport( "user32.dll", ExactSpelling = true, SetLastError = true )]
internal static extern bool ExitWindowsEx( int flg, int rea );
public const int SE_PRIVILEGE_ENABLED = 0x00000002;
public const int TOKEN_QUERY = 0x00000008;
public const int TOKEN_ADJUST_PRIVILEGES = 0x00000020;
public const string SE_SHUTDOWN_NAME = "SeShutdownPrivilege";
public const int EWX_LOGOFF = 0x00000000;
public const int EWX_SHUTDOWN = 0x00000001;
public const int EWX_REBOOT = 0x00000002;
public const int EWX_FORCE = 0x00000004;
public const int EWX_POWEROFF = 0x00000008;
public const int EWX_FORCEIFHUNG = 0x00000010;
public static bool DoExitWin( int flg )
{
TokPriv1Luid tp;
var hproc = GetCurrentProcess();
var htok = IntPtr.Zero;
OpenProcessToken( hproc, TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY, ref htok );
tp.Count = 1;
tp.Luid = 0;
tp.Attr = SE_PRIVILEGE_ENABLED;
LookupPrivilegeValue( null, SE_SHUTDOWN_NAME, ref tp.Luid );
AdjustTokenPrivileges( htok, false, ref tp, 0, IntPtr.Zero, IntPtr.Zero );
return ExitWindowsEx( flg, 0 );
}
I haven't tried, but my guess is that the WMI call might work after using the AdjustTokenPrivileges call as well.
Upvotes: 2
Related Questions
- Access is denied. (Exception from HRESULT: 0x80070005 (E_ACCESSDENIED)
- Win32Shutdown method in WMI - C++
- C# program won't launch when running as non-admin
- can't terminate process using WMI but taskkill works
- Win32_Service shoots management Exception(access denied)
- C# WMI privileges
- "Access is denied" Exception with WMI
- Unable to remotely terminate a process using WMI and C#
- Access Denied when using system.management for shutdown
- Set administrative privileges in C#