The CreateProfile function will fail with HRESULT 0x80070522 (system error code 1314) if it is called from a process that is not running with elevated privileges as Administrator.
CreateProfile Win32 function failing for Windows Server 2008 R2.
I am sharing a code snippet which is working completely fine for the Windows Server 2012, 2016, 2019 and 2022 but the same MSI Windows Installer Application is getting errored out only for the Windows Server 2008 R2 Machines with the error message for the API- CreateProfile with the error message- 'An attempt was made to reference a token that does not exist.'
I have checked and verified that the local user is properly created and the new user folder is also created under the 'C:\Users' folder also its entry is also present inside the 'ProfileList' section as checked and verified using registry editor. So, the user used is a valid user for which we are getting the error.
Can someone please help me understand if there is some kind of bugs in my current code or do I need to make any changes at the Windows Server 2008 machine to make it work, which is hindering to work in similar manner for Window Server 2008 R2 like it is working for all other Windows Server 2012 and above and also help me understand the reason behind the strange behavior of the for all 2008 R2 Standard MSI Installer. I am attaching the screenshot of the error that we receive in Windows Server 2008 R2 Standard.
bool CreateProfileForUser(const std::wstring& username, const std::wstring& domain) {
PSID userSid = NULL;
DWORD sidSize = 0;
WCHAR domainName[LSA_BUF_SIZE];
DWORD domainNameSize = sizeof(domainName) / sizeof(WCHAR);
SID_NAME_USE sidType;
WCHAR profilePath[MAX_PATH];
HRESULT hResult = S_OK;
LookupAccountNameW(NULL, username.c_str(), NULL, &sidSize, domainName, &domainNameSize, &sidType);
if (GetLastError() != ERROR_INSUFFICIENT_BUFFER) {
std::wstring errorDetails = L"LookupAccountNameW: The Username: " + username + L", Domain: " + domain + L", passed not found! Make sure to pass a valid username with hostname or domainname.";
DisplayError(const_cast<LPWSTR>(errorDetails.c_str()));
return false;
}
userSid = (PSID)malloc(sidSize);
if (!LookupAccountNameW(NULL, username.c_str(), userSid, &sidSize, domainName, &domainNameSize, &sidType)) {
free(userSid);
std::wstring errorDetails = L"LookupAccountNameW: The Username: " + username + L", Domain: " + domain + L", passed not found! Make sure to pass a valid username with hostname or domainname.";
DisplayError(const_cast<LPWSTR>(errorDetails.c_str()));
return false;
}
LPWSTR sidString = NULL;
if (!ConvertSidToStringSid(userSid, &sidString)) {
free(userSid);
DisplayError(L"ConvertSidToStringSid");
return false;
}
//Here occurs the error during the CreateProfile function call for Win 2008 R2 and works fine for 2012 and above
hResult = CreateProfile(sidString, username.c_str(), profilePath, MAX_PATH);
if (hResult != HRESULT_FROM_WIN32(ERROR_ALREADY_EXISTS) && hResult != S_OK ) {
DisplayError(L"CreateProfile");
free(userSid);
LocalFree(sidString);
return false;
}
free(userSid);
LocalFree(sidString); return true;
}