Reputation: 525
Why does the token returned by LogonUser() in Win x64 not belong to LOCAL group?
I have a piece of code that calls LogonUser() followed by CreateProcessAsUser(). In Win32, the resulting process belongs to a user (say, TESTDOMAIN\user1) who belongs to the LOCAL group. However, in x64, the process owner does not belong to LOCAL. The owner still belongs to all other groups (Authenticated Users, Everyone, etc.)
Does anyone know if this is a documented behavior change? Or am I supposed to put some special flag in x64 when calling LogonUser()?
Thanks.
Upvotes: 2
Views: 737
Answers (2)
Reputation: 525
I confirmed this behavior with MSDN support. They cited security reasons for the behavior change.
Upvotes: 1
Reputation: 551
In no version of MS Windows is there such a thing as a group named "LOCAL". Read this http://technet.microsoft.com/en-us/library/bb726980.aspx Then try being more specific, and correct in your use of the names and terminology.
Please provide more context also: The specific operating system are you using? Is the caller of CreateProcessAsUser a Service?
Upvotes: 0
Related Questions
- Token impersonation on Windows requires administrator permission Why?
- Does LOGON32_LOGON_INTERACTIVE give restricted token?
- Difference between access token taken from process than from user/pass
- Get name of LocalGroup Windows C++ using SID
- Sid of local group in machine
- Getting correct Token from session id
- How to determine membership of user in well-known-groups as Everyone
- GetTokenInformation with TokenGroups
- C# : How to marshal TOKEN_GROUPS for a call to LogonUserExEx() (or LsaLogonUser())
- What is LogonUser()'s token returned used for?