来自（哪里Windows C# 有没有办法使用父进程的 Kerberos 票证创建新进程？支持使用 SSPI 进行多进程的 kerberos 约束委派我正在尝试将 Kerberos 凭据从一个进程复制到另一个进程以调用远程命令。史蒂夫非常有帮助，但我对如何创建子进程，使用正确的凭据句柄加载它和模拟，然后获取同一个子进程来执行调用后的实际命令有点困惑DuplicateHandles 要求子进程首先存在。我的问题是，如何让子进程执行我最初打算让它作为 CreateProcessAsUser 模拟执行的命令？到目前为止的代码：var CurrentIdentity = ((WindowsIdentity)User.Identity).Token;IntPtr parentHandle = IntPtr.Zero;CloneParentProcessToken.QuerySecurityContextToken(ref CurrentIdentity, out parentHandle);IntPtr parentProcessHandle = Process.GetCurrentProcess().Handle;currentUser = System.Security.Principal.WindowsIdentity.GetCurrent().Name;//Create Child Process as UserIntPtr childProcessHandle = CreateProcessAsUser();IntPtr lpTargetHandle = IntPtr.Zero;//Duplicate parent security handle into childif (CloneParentProcessToken.DuplicateHandle(parentProcessHandle, parentHandle, childProcessHandle, out lpTargetHandle,    ProcessUtility.TOKEN_IMPERSONATE, true, (uint)0x00000002)){    int childHandleProcessID = CloneParentProcessToken.GetProcessId(lpTargetHandle);    IntPtr newChildProcess = ProcessUtility.OpenProcess(ProcessUtility.ProcessAccessFlags.All, true, childHandleProcessID);    IntPtr newProcessAccessTokenHandle = IntPtr.Zero;    if (ProcessUtility.OpenProcessToken(newChildProcess, ProcessUtility.TOKEN_IMPERSONATE, out newProcessAccessTokenHandle))    {        //Impersonate the user in the new child process        if (CloneParentProcessToken.ImpersonateLoggedOnUser(newProcessAccessTokenHandle))        {            //newChildProcess is pointer to child process with token and impersonation            Process child = Process.GetProcessById(childHandleProcessID);            //Have child process execute???        }    }