NT Security

I have a problem It is About an MSDN sample DBMON.
I will describe the problem irrelative to DBMON and
will be
hoping for a generic if not specific answer.
DBMON captures outputdebugstring generated by
different processes.
I have implemented it over a network using DCOM. where
the ouput
generated by DBMON is seen on client machine through
connection points.
It captures OutputDebugString from the processes of
that machine in
two scenerios only

1 >>.> If the user on the client machine (where the
user is calling DBMON
on the server) is in the local administrator
group of the server
machine.
2 >>.> If both user on the server and client machines
are same ( I mean
same users not same group ).

There is one another strange thing going on that if
the
server process on the server machine itself generates
any
outputdebugstring it captures it (only)also
irrespective of the
above two conditions. (Does it mean that the remote
process
originated by client runs under clients security
context … ?
At least the second situation above have made me think
about that )…
---------------- NOW -------------------
I only need a mechanism by which if i can only give
the user an option
to connect remotely from one of its local
administrator group members
if he is not in first or second situation. I no a
password and login
name window will do the trick but donot know how to
transfer the access
rights of the currently login client to the one
provided in the window
by the client to logon remotely…
If I could just do that…


Do You Yahoo!?
Yahoo! Photos - 35mm Quality Prints, Now Get 15 Free!
http://photos.yahoo.com/

Hello:
I have to access a resource ( MUTEX ) on a
remote machine which can only
be accessed by a network user who is also the local
administrator of the
remote PC.
Now the problem is that if on the client the user
which of course is a
network user does not belong to
the local administration group of that PC, then he
should be provided with a
window where he can type the user name and password
of a network user and
hence access that resource . How to change the access
token of the calling
process…?
The client and Server Process ( where the
Mutex resides ) are
communicating through DCOM i.e., I instantiate the
Server process through
CoCreateInstanceEx()…
One other thing to ask that under above
situation the instantiated
process( interface ) belongs to the client user or th
server user logged on.


Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/