Hi
My process needs to have the SeBackupPrivilege token.
With an user which have the administrator rights, I can
call the JCL function EnableProcessPrivilege without any
problem. The call succeeded and my program can backup
files and folders.
I want now to be able to run my program under a
limited account. I think that the only valid solution
is to impersonate a power user specified by the user before starting the backup.
In the main DLL (which contain the backup routines)
loaded by my host program, I call LogonUser() then
ImpersonateLoggedOnUser() with the username, the password
and the domain strings the user provided. Both calls succeed.
But I'm still not able to aquire the SeBackupPrivilege :
EnableProcessPrivilege, which worked fine under my
administrator account, returns false even if
the impersonation seems to be succeeded.
So, to impersonate an user in a running process, do I
need to call other APIs than LogonUser() +
ImpersonateLoggedOnUser() ? What is wrong in my scenario ?
I'm running XP SP2 + D7.
Any hints appreciated.
Best regards,
A.R.
