Call to WTSQueryUserToken() gives ERROR_PRIVILEGE_NOT_HELD in Windows Vista

2007-04-17 Here I will describe an error called ERROR_PRIVILEGE_NOT_HELD that I faced from a call to WTSQueryUserToken() using Visual C++ on Windows Vista and Windows XP SP2.

I have used the WTSQueryUserToken() function to obtain the primary access token of the logged-on user whose session-id I had obtained from a call to WTSGetActiveConsoleSessionId().

Now, here is my problem. After the call to WTSQueryUserToken() from inside a DLL that is running under the Print Spooler service, GetLastError() returns error number 1314 which means: A required privilege is not held by the client. I am logged in to Windows using an administrator account. The Notepad.exe application that is invoked at the end of the code also doesn't start.

In MSDN I see that what I'm getting is the error ERROR_PRIVILEGE_NOT_HELD which means: The caller does not have the SE_TCB_NAME privilege. How should I go about getting that privilege now?

Print Spooler (SPOOLSV.EXE) runs under the SYSTEM username account, i.e., the LocalSystem account. A quick look up in the Windows Task Manager shows that the Image Name SPOOLSV.EXE is running under the SYSTEM username.

My DLL is loaded by SPOOLSV.EXE under its own context. My intent is to start the Notepad.exe application under the context of the user who is currently logged in to Windows.

Note: As an aside, note that the SPOOLSV.EXE runs from location C:\WINDOWS\system32\spoolsv.exe. It is the Windows Print Spooler service that loads files to memory for later printing.

Here is my source code snippet:

static STARTUPINFO si;

static PROCESS_INFORMATION pi;

HANDLE hTokenNew = NULL, hTokenDup = NULL;

DWORD dwSessionId = WTSGetActiveConsoleSessionId();

WTSQueryUserToken(dwSessionId, &hTokenNew);

DuplicateTokenEx(hTokenNew, MAXIMUM_ALLOWED, NULL,

                 SecurityIdentification, TokenPrimary,

&hTokenDup);

ZeroMemory(&si, sizeof(STARTUPINFO));

si.cb = sizeof(STARTUPINFO);

si.lpDesktop = _T("winsta0\\default");

LPVOID  pEnv = NULL;

DWORD dwCreationFlag = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;

CreateEnvironmentBlock(&pEnv, hTokenDup, FALSE));

dwCreationFlag |= CREATE_UNICODE_ENVIRONMENT;

pEnv = NULL;

ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));

CreateProcessAsUser(hTokenDup, NULL, _T("c:\\windows\\notepad.exe"),

                    NULL, NULL, FALSE, dwCreationFlag,

                    pEnv, NULL, &si, &pi);

CloseHandle(hTokenDup);

Update 2007-04-25: So, this is how I solved it. There was no need for the WTSGetActiveConsoleSessionId() and WTSQueryUserToken(). Just the CreateEnvironmentBlock() must work properly so that the environment for the process you are going to create is set correctly.

Here is the source that worked for me. The code snippet below shows the Notepad application being launched. The DLL in which I used this code runs under the Print Spooler service - basically it is a Print Monitor. You need to add your own validity checks - what's listed below is bare-bones.

#include "userenv.h"

// Global Typedefs for function pointers in USERENV.DLL

typedef BOOL (STDMETHODCALLTYPE FAR * LPFNCREATEENVIRONMENTBLOCK)

             (LPVOID  *lpEnvironment,

              HANDLE  hToken,

              BOOL    bInherit);

typedef BOOL (STDMETHODCALLTYPE FAR * LPFNDESTROYENVIRONMENTBLOCK)

             (LPVOID lpEnvironment);

void InvokeApp()

{

    // Local Variable Declarations

    HANDLE hToken    = NULL;

    HANDLE hTokenDup = NULL;

    STARTUPINFO si;

    PROCESS_INFORMATION pi;

    ZeroMemory(&si, sizeof(STARTUPINFO));

    ZeroMemory(&pi, sizeof(PROCESS_INFORMATION));

   

    si.cb = sizeof(STARTUPINFO);

    si.lpDesktop = _T("Winsta0\\Default");

   

    DWORD  dwCreationFlag = NORMAL_PRIORITY_CLASS | CREATE_NEW_CONSOLE;

    LPVOID pEnvironment = NULL;

    LPFNCREATEENVIRONMENTBLOCK lpfnCreateEnvironmentBlock = NULL;

    LPFNDESTROYENVIRONMENTBLOCK lpfnDestroyEnvironmentBlock = NULL;

    HMODULE hUserEnvLib = NULL;

    hUserEnvLib = LoadLibrary(_T("userenv.dll"));

    if ( NULL != hUserEnvLib ) {

        lpfnCreateEnvironmentBlock = (LPFNCREATEENVIRONMENTBLOCK)

        GetProcAddress(hUserEnvLib, "CreateEnvironmentBlock");

       

        lpfnDestroyEnvironmentBlock = (LPFNDESTROYENVIRONMENTBLOCK)

        GetProcAddress(hUserEnvLib, "DestroyEnvironmentBlock");

    }

    OpenThreadToken(GetCurrentThread(), TOKEN_DUPLICATE, TRUE, &hToken);

    DuplicateTokenEx(hToken,

                     TOKEN_IMPERSONATE|TOKEN_READ|

                     TOKEN_ASSIGN_PRIMARY|TOKEN_DUPLICATE,

                     NULL,

                     SecurityImpersonation,

                     TokenPrimary,

                     &hTokenDup);

    RevertToSelf();

    CloseHandle(hToken);

    if (NULL != lpfnCreateEnvironmentBlock)

{

        if (lpfnCreateEnvironmentBlock(&pEnvironment, hTokenDup, FALSE))

{

            dwCreationFlag |= CREATE_UNICODE_ENVIRONMENT; // must specify

        }

        else

{

            pEnvironment = NULL;

            OutputDebugString(_T("CreateEnvironmentBlock() -- FAILED"));

        }

    }

    else

{

        OutputDebugString(_T("FAILED - GetProcAddress"));

    }

    CreateProcessAsUser(hTokenDup, NULL, _T("c:\\windows\\notepad.exe"),

                        NULL, NULL, FALSE, dwCreationFlag,

                        pEnvironment, NULL, &si, &pi);

   

    if (NULL != lpfnDestroyEnvironmentBlock)

        lpfnDestroyEnvironmentBlock(pEnvironment);

 

    if (NULL != hUserEnvLib)

        FreeLibrary(hUserEnvLib);

   

    CloseHandle(hTokenDup);

}

What did I fix? The issue I was facing was that the application I wanted my Print Monitor to launch using CreateProcessAsUser() was not getting the logged-on user's environment. The after-effect was that, because of this reason, when my application used to show the File Open common dialog box, it would behave strange while trying to browse to the Desktop in it. This was in Vista.

In Windows XP, the File Open dialog would let you browse to the Desktop folder but the object icons on the Desktop would not appear right in it.

Note that if you don't use CreateEnvironmentBlock(), and the application you launch uses things like the Windows Common Dialog boxes, you may find file dialog boxes working erratically.

Refer this and this.

Google pays $3.1bn for DoubleClick

Google acquired DoubleClick, a pioneer in online advertising, for $3.1 billion in cash, making Google a major player in online display advertising. Despite DoubleClick's revenues being estimated at $300m-$400m, the high price reflects intense competition in the online advertising market. Google aims to cross-sell DoubleClick's services to its existing search advertising customers. The deal allows Google to expand its advertising market as its core search advertising business slows down. The integration of search and display advertising is a significant benefit of the acquisition. DoubleClick's private equity owners profit handsomely from the sale. Here is an article from the Financial Times.

The Windows Media Player Homepage

The Windows Media Player 10 homepage on March 09, 2007.

http://www.microsoft.com/windows/windowsmedia/player/10

The Windows Media Player 11 homepage on March 09, 2007.

http://www.microsoft.com/windows/windowsmedia/player/11

Can the Windows.old folder be deleted from Windows Vista?

I just did my update to Windows Vista RC2 build 5744 and because it was an update and not a clean install it created a "Windows.old" directory. Well, this folder is over 7 Gigs, and I can't really spare that much room for nothing. So, can I delete this folder and not cause any problems with my current Windows?

Solution: Yes, you can. If you want to remove that Windows.old folder from of your Windows Vista installation root drive, go to

Start > All Programs > Accessories > System Tools > Disk Cleanup

In "Which files to clean up" dialog > Click on "Files from all users on this computer".

Select the Drive where your Windows.old resides.

In Disk Cleanup dialog, select Previous Windows installation(s) in the "Files to delete" list. Click on OK.

This should clean up the hard disk space occupied by the Windows.old folder.

I verified this on Windows Vista x64.

Refer this.

Analysis of Pink Floyd's album The Wall

Like me, if you have been a kid growing up in the 80s and 90s, there is a high probability that you have heard and loved Pink Floyd's audio and video album The Wall. The album is one of the most imaginative rock album in the hist of rock and had millions of fans even to this day.

The WallAnalysis.com is a website that performs a thorough analysis of the songs and the theme of the album and helps you appreciate the music more that you have done ever before. Archived link.

LG RD2130: True Moonlight

I used the LG RD2130 CDMA cellphone for a few months, and I thought I'd write something on this. This is by far the best mobile phone (in its category) from the Reliance India Mobile (RIM) CDMA stock.

LG RD2130 mobile phone

Not that it has got the best UI navigation, the best display, the best keypad, the best ring tones, and best everything, but overall, the product is excellent and performs as expected. The sticker price of the mobile phone is Rs. 10,500 but I got it for Rs. 4,500. The price and the cool looks are in fact the best bargain of this handset.

The box shipped with the handset, a headset, an LG Lithium-Ion battery (LG LI-AAEM) battery, a travel charger, the user manual and a hand strap.

Display

The overall effect of the moonlight blue backlit display looks cool on this monochrome handset. The display resolution is good enough. LG has also packed screensavers in this phone.

Call features

The handset allows muting, incoming call ringer muting and a scratch pad during an ongoing call.

Keys

The keypad layout is typical LG style along with the typical LG navigation hierarchy. So be ready for the usual LG-style endless clicks. The keys are well placed so you won't find much trouble once you learn the navigation tree. There are two scroller buttons on the side pane which you can use to scroll through menu and adjust the volume.

Antenna

The phone carries a Sony SSW0900 chip-type CDMA antenna running on the TX band at 824~849MHz and on the RX band at 869~894MHz. It is good that LG did away with the external antenna sticking out of this cellphone.

Battery

The cell phone comes with a 3.7V LG Lithium-Ion (LG LI-AAEM) battery.

PC Connectivity

The handset connects to the PC using a serial data cable for synchronization of the phonebook and organizer using the PC Sync application.

R World

The R World (Reliance World) services are accessible on this handset except MMS, I believe. However, I regularly face errors in the R World connection, which I'm not sure if the problem is with the phone or the R World service.

SAR (Specific Absorption Rate)

SAR value for this phone when tested for use at the ear is 0.712 W/kg and when worn on the body is 0.887 W/kg. The SAR limit set by the FCC is 1.6W/kg.

FCC ID

The FCC ID for the device is BEJRD2130 and the reports are available at here.

Conclusion

For me the phone worked fine and had a stable battery backup along with good in-call audio quality. I liked the cool blue backlight of the display and the ease of use it provides. Here are my ratings for individual features:

Ratings for the LG RD2130 Mobile Phone

MouthShut has rated this handset is 3.15 out of 5 based on 206 user votes.

You can read my review also at MouthShut here. The user manual is available here at ManualsLib, and here at the FCC ID Database.

LG RD5130 Mobile Phone: Low price-range and a good display

I was planning to move over to a GSM service when I decided again to go for this CDMA candy phone offered by Reliance India Mobile. Been using this cell phone since August 2004, the first impression on the look of this phone is really great considering the price tag it comes with. With a large display (for this price range) and excellent 65K colors it looks a great buy. But then you start using it and start seeing the glitches.

LG RD5130

It is available for a price of Rs. 4,600 from Reliance and it came bundled along with a Rs. 1,000 talk time to call other Reliance India Mobile numbers (and some Rs. 50 for other numbers) which was pretty cool.

The box ships with the handset, a headset, a 3.7V LG Lithium-Ion battery (LG LI-AAEM), travel charger (model AC-20W), user manual, hand strap and an added Quick Guide. The color I got is the Metal Silver and the rated price on the box was Rs. 11,500.

Display

This is by far the main feature of this cell phone. With a 65K color CSTN display, this phone delivers distinct, clear and smooth graphics and animation. The 128 x 128 pixels resolution (6-line LCD) is a good number for the price range. I basically went for this display. However, there is a catch - the display is not very visible in the sunlight.

A major problem with the display is that it simply shuts off after about a minute, so you see nothing on the display unless you have pressed a key. Though I initially thought that this feature was provided so the battery juice would be used more efficiently, but from the battery life it seems to have no such positive effect. Also, evidently, there is also no way to turn off this.

Keypad

The keys on the keypad have a bumpy look and are made if rubber, so the longevity is in question, though I have not faced any wear and tear as yet. The * and # keys are hard to use, and you might miss the pressure points if you are using with one hand. The Left & Right Navigation keys are so closely placed to the Call and End keys, respectively, you'll often press the wrong key. The keys need a little more pressure than regular - I wish it had those soft keys. Typing with only one hand feels the phone is going to slip and fall.

The keypad features predictive text input using the T9 dictionary for easy typing.

Calling

The handset allows 3-way conference calling, call waiting, call forwarding, muting, and incoming call ringer muting. It stores up to 60 recent calls including received, dialed, missed and in-call memo numbers.

Messaging

Typing SMS text messages is not comfortable with the keypad with its hard keys and the phone's form factor. SMSs that don't fit into its character space limit are difficult to scroll through to see the rest of the content.

Phone Book

The phonebook stores up to 300 x 4 entries which is pretty large. Finding entries is however very slow and not that user-friendly.

Audio Quality

The audio quality is very good, and none have complained to me about the audio they receive on their side. I haven't faced many call drops or voice breaks other than cases that originated from their side.

Software

The phone software seemed pretty good in the beginning but within a few days I realized that there might be some memory leak within the code. That is because you will see there is a problem with the way the icons animate on the main menu options. The problem is that the animation plays quite well first, but once it goes into the second loop and beyond, the animation jerks, showing distinct indication of memory blocks. I sometimes hope it doesn't hang the phone. I'm not sure if the problem is in general or comes with particularly in my unit. It looks disgusting, however.

Navigation

Navigating through the menus is easy if it wasn't for the few badly placed keys and the number of key presses you need for the operations. The number of key presses required to finish a task is too much and it is a pain for someone who is used to Nokia handsets in particular. There is however, a customizable, My Menu feature that comes handy in partly overcoming this part of the problem.

Speakers

This speakerphone is a great add-on. The sound is loud and clear as far as I have experienced. I guess it's louder than most speakers I have seen on costlier handsets (both CDMA & GSM).

Antenna

The phone carries a Hitachi SMA-S080C internal antenna. At last LG seems to be doing away with those external antennas sticking out from the head of its CDMA handsets. This is one reason I didn't say no to this phone.

What's the time?

If you are used to watching the time on your cellphone, then it's really a bad experience with the keypad locked and in daylight. The display features auto-shutoff so you just can't pick up the phone and see the time. You need to press some key to reactivate the display. Here is the catch - if the keypad is locked, pressing a key shows the message 'Press Key Guard to Unlock' and then the display dims immediately after the message disappears. In case you are in bright daylight and waiting for the message box to disappear, so you'll have a glance at the clock - you are in hard luck, because you can't see a thing with the display now dimmed. So, in case your key is locked, and you are in bright daylight, there are three steps to watching the clock: a) Press 0 for 2 seconds to unlock b) Wait for 1 more second for the ''Key Guard Disabled'' message to disappear c) Then watch the clock on the display.

My Menu

This is a really useful feature considering the large number of key presses that you have to use to access frequently used functions. This lets you create shortcuts to functions that you can access with a single key press.

Alarm

The phone has three alarms that you can set individually. You can also set the alarm to fire off once, daily, recurring Monday-to-Friday or Monday-to-Saturday. Alarms don't work if the phone is switched off, as you get in Nokia.

Battery

The battery is one of the major deciding factors that come to play when you rate a mobile phone. Being a portable handheld device, it is only the battery that keeps it going (you can't run around with the charger). The cell phone comes with a 3.7V LG Lithium-Ion (LG LI-AAEM) battery. Though you may find the standby time quite long (almost 2 days really) the average talk time is under 2 hours. If you are an average user, however, charging once a day should do. It is normal battery life even after the fuss it creates by shutting off the display.

Recharging

Speaking over the cell phone while recharging is really uncomfortable since the charge port is on the side of the handset. The charger adapter is too big, and the shape is not ergonomic enough so you can carry it in your pocket. LG can design it in a better way. The indicator after full recharge is useless since it's just a message box that shows for a few seconds and then disappears - so you can be sure to miss it. This is a big problem if you are recharging with the phone switched off. If you charge the phone keeping it switched on, you can however know the charge is full if the battery-charge indicator in the top-right of the display is constant and is no longer animating.

PC Connectivity

The handset connects to the PC using an LG-DC300DJ serial data cable or a LG-USB8100 USB cable for synchronization of the phonebook and organizer using the PC Sync application.

R World

The R World (Reliance World) graphics show cool on the display and all features are accessible. However, I regularly face errors in the R World connection, which I'm not sure if the problem is with the phone or the R World service.

SAR (Specific Absorption Rate)

SAR value for this phone when tested for use at the ear is 0.591 W/kg and when worn on the body is 0.335 W/kg. The SAR limit set by the FCC is 1.6W/kg.

FCC ID

The FCC ID for the device is BEJRD5130 and the reports are available here.

Conclusion

All in all, I somewhat regret my decision of buying this handset, but won't recommend to new buyers. There are better options out there. Here are my ratings for individual features:

Ratings for the LG RD5130 Mobile Phone

MouthShut has rated this handset 3.04 out of 5 based on 145 user votes.

You can read my review also at MouthShut here. The user manual is available here at LG, here at ManualsLib, and here at the FCC ID Database.