I have an Windows application running in user session but application works with SYSTEM user rights.
Specifically application does this:
Get a windows user token
Impersonate on this user (
ImpersonateLoggedOnUser or create new thread and
Call to Windows Automation API (
Application works on Windows 10, but on Windows 7 automation API returns error 0x80070005 (access denied).
Which is incomprehensible to me:
if I take token from 1. and create new proces as this user (by
CreateProcessAsUser) then new process can use automation API without problems.
What is the difference in permissions between a thread impersonated to user and a process running as this same user ?
What permissions can cause automation API error ?
User contributions licensed under CC BY-SA 3.0