CODEWITHSUNDEEP
c++windowsmutex
iz25
iz25

Reputation: 284

CreateMutex on Windows 2012 with error code ERROR_ACCESS_DENIED

I am trying to create mutex on Windows 2012 with this code:

CreateMutex(securityAttributes, FALSE, TEXT("Global\\test"));

it always gives error code 5 (ERROR_ACCESS_DENIED).

I have tried to create security attributes that I found here but with no success. Note that this code works on Windows 7.

What could be a problem here?

I want to create global mutex that can be used by windows service (System account) and user account.

Upvotes: 1

Views: 639

Answers (1)

iz25
iz25

Reputation: 284

Seems that the problem was with inappropriate security attributes. It works now. Following is code for creating security attributes.

DWORD dwRes;
PSID pEveryoneSID = NULL, pAdminSID = NULL;
PACL pACL = NULL;
PSECURITY_DESCRIPTOR pSD = NULL;
EXPLICIT_ACCESS ea[2];
SID_IDENTIFIER_AUTHORITY SIDAuthWorld = SECURITY_WORLD_SID_AUTHORITY;
SID_IDENTIFIER_AUTHORITY SIDAuthNT = SECURITY_NT_AUTHORITY;
PSECURITY_ATTRIBUTES pSA = NULL;
DWORD resultCode;

if( !AllocateAndInitializeSid( &SIDAuthWorld,  1, SECURITY_WORLD_RID, 0, 0, 0, 0, 0, 0, 0,  &pEveryoneSID ) )
{
    resultCode = -1;
    goto ErrCleanUp;
}

ZeroMemory(&ea, 2 * sizeof(EXPLICIT_ACCESS));
ea[0].grfAccessPermissions  = GENERIC_ALL; 
ea[0].grfAccessMode         = SET_ACCESS;
ea[0].grfInheritance        = NO_INHERITANCE;
ea[0].Trustee.TrusteeForm   = TRUSTEE_IS_SID;
ea[0].Trustee.TrusteeType   = TRUSTEE_IS_WELL_KNOWN_GROUP;
ea[0].Trustee.ptstrName     = (LPTSTR) pEveryoneSID;

if(! AllocateAndInitializeSid( &SIDAuthNT, 
                               2,
                               SECURITY_BUILTIN_DOMAIN_RID,
                               DOMAIN_ALIAS_RID_ADMINS,
                               0, 0, 0, 0, 0, 0,
                               &pAdminSID ) ) 
{
    resultCode = -1;
    goto ErrCleanUp; 
}

ea[1].grfAccessPermissions = GENERIC_ALL; 
ea[1].grfAccessMode        = SET_ACCESS;
ea[1].grfInheritance       = NO_INHERITANCE;
ea[1].Trustee.TrusteeForm  = TRUSTEE_IS_SID;
ea[1].Trustee.TrusteeType  = TRUSTEE_IS_GROUP;
ea[1].Trustee.ptstrName    = (LPTSTR) pAdminSID;

dwRes = SetEntriesInAcl(2, ea, NULL, &pACL);

if (ERROR_SUCCESS != dwRes) 
{
    resultCode = -1;
    goto ErrCleanUp;
}

pSD = (PSECURITY_DESCRIPTOR) LocalAlloc( LPTR, 
                                         SECURITY_DESCRIPTOR_MIN_LENGTH ); 
if (NULL == pSD) 
{ 
    resultCode = -1;
    goto ErrCleanUp; 
} 

if ( !InitializeSecurityDescriptor( pSD,
                                    SECURITY_DESCRIPTOR_REVISION ) ) 
{  
    resultCode = -1;
    goto ErrCleanUp; 
} 

if (! SetSecurityDescriptorDacl( pSD,  TRUE,  pACL, FALSE ) )  
{  
    resultCode = -1;
    goto ErrCleanUp; 
} 

pSA = (PSECURITY_ATTRIBUTES) LocalAlloc(LPTR, sizeof(SECURITY_ATTRIBUTES)); 
if (NULL == pSA) 
{ 
    resultCode = -1;
    goto ErrCleanUp; 
} 

ZeroMemory(pSA, sizeof(SECURITY_ATTRIBUTES));
pSA->nLength = sizeof(SECURITY_ATTRIBUTES);
pSA->lpSecurityDescriptor = pSD;
pSA->bInheritHandle = FALSE;

*ppsa = pSA;

return 0;

ErrCleanUp:

if (pEveryoneSID) 
    FreeSid(pEveryoneSID);
if (pAdminSID) 
    FreeSid(pAdminSID);
if (pACL) 
    LocalFree(pACL);
if (pSD) 
    LocalFree(pSD);
if (pSA) 
    LocalFree(pSA);

*ppsa = NULL;
return 0;

Upvotes: 3

Related Questions