Despite all the warnings about how it is not possible to elevate a thread to an elevated administrator in Windows 2008 R2, I have been able to start a process as a normal user, call LogonUser(), and use either ImpersonateLoggedOnUser() or DuplicateTokenEx()/SetThreadToken() to assign an elevated administrator's token to a thread.
The first job in a worker thread in my app is to write to a registry location that the administrator account has full access to. When attempting to call CRegKey::Create(), I get the error ERROR_BAD_IMPERSONATION_LEVEL.
There doesn't seem to be a lot of information on this error, and I assume it is due to an additional check by the OS to ensure that a process does not do what I made mine do.
Would anyone be able to confirm this is so, and possibly suggest a workaround?
I know I can create additional elevated processes, etc. but I am still valiantly attempting to do this within a single process.
Thanks,
Bob.