win32security.AdjustTokenPrivileges
Jonathan Gilligan
jonathan.gilligan at vanderbilt.edu
Tue Dec 5 15:40:39 EST 2000
In your code, there are two things: First, you have a
typo---"provValue" where you mean "procPrivValue" and second (I don't
know if it makes a difference) you have
AdjustTokenPrivileges (processToken, 0, (provValue,
SE_PRIVILEGE_ENABLED) )
where I have the equivalent of
AdjustTokenPrivileges (processToken, 0, [(provValue,
SE_PRIVILEGE_ENABLED) ])
(i.e., you pass a tuple for parameter 3, where I pass a list
containing a single tuple).
Here is some code I use that successfully reboots a remote computer:
import win32net, win32netcon, win32security, ntsecuritycon, win32api
import pythoncom
import sys, time
privilegeShutdown = ntsecuritycon.SE_REMOTE_SHUTDOWN_NAME
# fill in the name of the server you want to reboot (it can be remote)
ServerName = "\\\\TargetServer"
debug = 1
def trace(msg):
if debug:
print msg
#
# The code below is largely stolen from Mark Hammond's
# "Programming Win32 with Python," (O'Reilly, 2000).
# If you don't have this book, you should buy it!
#
# This blatant advertisement placed here by Jonathan Gilligan
#
def AdjustPrivilege(priv, enable = 1):
# get the process token
flags = ntsecuritycon.TOKEN_ADJUST_PRIVILEGES |
ntsecuritycon.TOKEN_QUERY
htoken =
win32security.OpenProcessToken(win32api.GetCurrentProcess(), flags)
# Get the id fof the system shutdown privilege
id = win32security.LookupPrivilegeValue(None, priv)
#
#
if enable:
trace(("Enabling privilege %s" % priv))
try:
newPrivileges = [(id, ntsecuritycon.SE_PRIVILEGE_ENABLED)]
except pythoncom.com_error, (hr, msg, exc, arg):
trace("Failed with code %d: %s. " % (hr, msg))
if (exc == None):
trace("There is no extended error information")
else:
wcode, source, text, helpFile, helpId, scode = exc
trace("The source of the error is %s, the message is
\"%s\", More info can be found in %s (id-%d)"
% (source, text, helpFile,helpId))
except win32net.error:
trace("Failed: '%s' = %s" % (sys.exc_info()[:2]))
except:
trace("Failed.")
else:
trace("Succeeded.")
else:
trace("Disabling privilege %s" % priv)
try:
newPrivileges = [(id, 0)]
except pythoncom.com_error, (hr, msg, exc, arg):
trace("Failed with code %d: %s. " % (hr, msg))
if (exc == None):
trace("There is no extended error information")
else:
wcode, source, text, helpFile, helpId, scode = exc
trace("The source of the error is %s, the message is
\"%s\", More info can be found in %s (id-%d)"
% (source, text, helpFile,helpId))
except win32net.error:
trace("Failed: '%s' = %s" % (sys.exc_info()[:2]))
except:
trace("Failed.")
else:
trace("Succeeded.")
win32security.AdjustTokenPrivileges(htoken, 0, newPrivileges)
def RebootServer(message = "Server Rebooting", timeout = 120, bForce =
0, bReboot = 1):
trace("Preparing to reboot server")
AdjustPrivilege(privilegeShutdown)
try:
win32api.InitiateSystemShutdown(ServerName, message, timeout,
bForce, bReboot)
except pythoncom.com_error, (hr, msg, exc, arg):
trace("Failed with code %d: %s. " % (hr, msg))
if (exc == None):
trace("There is no extended error information")
else:
wcode, source, text, helpFile, helpId, scode = exc
trace("The source of the error is %s, the message is
\"%s\", More info can be found in %s (id-%d)"
% (source, text, helpFile,helpId))
except win32net.error:
trace("Failed: '%s' = %s" % (sys.exc_info()[:2]))
except:
trace("Failed.")
else:
trace("Succeeded.")
AdjustPrivilege(privilegeShutdown, 0)
def AbortReboot():
AdjustPrivilege(privilegeShutdown)
trace("Aborting reboot on %s" % ServerName)
try:
win32api.AbortSystemShutdown(ServerName)
except pythoncom.com_error, (hr, msg, exc, arg):
trace("Failed with code %d: %s. " % (hr, msg))
if (exc == None):
trace("There is no extended error information")
else:
wcode, source, text, helpFile, helpId, scode = exc
trace("The source of the error is %s, the message is
\"%s\", More info can be found in %s (id-%d)"
% (source, text, helpFile,helpId))
except win32net.error:
trace("Failed: '%s' = %s" % (sys.exc_info()[:2]))
except:
trace("Failed.")
else:
trace("Succeeded.")
AdjustPrivilege(privilegeShutdown, 0)
#
# Set the timeout to whatever timeout you want to give the user on the
target
# workstation to shut down his work before you reboot.
#
tmout = 120
message = "Preparing to reboot server. You have %d seconds to finish
your work before the reboot."
RebootServer(message, timeout=tmout)
"Patrick Blanchette" <pblanchette at pixelsystems.com> wrote in message
news:3A2D3521.6010105 at pixelsystems.com...
> I,
> I'd like to reboot a windows NT station using a Python script.
It is
> supposed to be possible using the Python extensions for Windows. I
try
> the following code but an exception is thrown after the call to
> AdjustTokenPrivileges:
> -----------------------------------------------
> hProcess = GetCurrentProcess()
> processToken = OpenProcessToken(hProcess, TOKEN_ADJUST_PRIVILEGES |
> TOKEN_QUERY)
> procPrivValue = LookupPrivilegeValue (None, SE_SHUTDOWN_NAME)
> AdjustTokenPrivileges (processToken, 0, (provValue,
SE_PRIVILEGE_ENABLED) )
> ExitWindowsEx(EWX_REBOOT | EWX_FORCE, 0)
> -->
> Traceback (innermost last):
> File "<interactive input>", line 1, in ?
> TypeError: A TOKEN_PRIVILEGES object must be a tuple of
(LARGE_INTEGER, int)
> -----------------------------------------------
>
> How should I use the AdjustTokenPrivileges function?
>
> thank
>
More information about the Python-list
mailing list