Your remote process runs in a restricted security context, it does not run in the context of an interactive logon account
(if any), it runs in the security context of the remote
WMI service and by default it's impersonating the initiator (the
WMI client). What does it mean to the application that was started? First, this application has no way to interact with the user, even when it's a console application, the output will go to a non visible desktop and there is no way to read
from the keyboard.
If you want to start a process remotely I'd suggest remotely installing a service, make that start your process and remove the service upon termination. You can use GetActiveConsoleSession (XP and higher) to obtain the interactive sessionid and then use WtsQueryUserToken to obtain the users token. Lastly use CreateProcessAsUser with the token from WtsQueryUserToken. You can put this in the ServiceStartEvent. Something like this:
Delphi-Quellcode:
procedure TService1.ServiceStart(Sender: TService; var Started: Boolean);
var hToken: THandle;
si: _STARTUPINFOA;
pi: _PROCESS_INFORMATION;
begin
ZeroMemory(@si, SizeOf(si));
si.cb := SizeOf(si);
si.lpDesktop := nil;
if WTSQueryUserToken(WTSGetActiveConsoleSessionId, hToken) then
begin
if CreateProcessAsUser(hToken, nil, 'cmd.exe', nil, nil, False,
CREATE_NEW_CONSOLE or CREATE_NEW_PROCESS_GROUP, nil,
nil, si, pi) then
begin
// Do some stuff
end;
end;
Self.DoStop;
end;