Security issues while loading roaming profiles ?

Hi,

I am encountering some strange effects in case I use roaming profiles,
stored on a network server. When my filter driver is up and running, access
to the roaming profiles files is denied, without my filter driver
explicitly saying so. The file do show up in the filter driver, but they
are not touched by it nor does the filter driver return some awkward status
code.

My filter driver uses worker threads, and in order to be in the correct
context when the worker threads are scheduled, I call
SeCreateClientSecurity in the IRP_MJ_CREATE path to save the ClientContext,
while upon completion I call this function again (with the ClientContext
parameter), followed by a call to SeImpersonateClient(Ex). Of course, when
the completion work of my filter is done, I call PsRevertToSelf.

This scheme works fine in all cases except for the case that the systems
loads the roaming profiles from the public server share, as explained
above. Also, if I manually copy the roaming profiles files from the public
server share after I logged in, there’s no problem at all.

Any clues why this would happen ? Am I doing anything wrong while setting
up the security levels / impersonation ?

Best,
Bartjan Wattel
ThunderStore b.v., The Netherlands


You are currently subscribed to ntfsd as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-ntfsd-$subst(‘Recip.MemberIDChar’)@lists.osr.com