Grant additional privilege to impersonating thread


My program, "UP", needs to be able to mount VHDX files from network locations. The difficulty is that any thread calling OpenVirtualDisk(...) upon a network location needs to have both SE_MANAGE_VOLUME_PRIVILEGE, which most of my users will not have, and access to the network location, which any System process "SP" I install to get around this will not have.

Method 1: I've read I can have SP receive the user's credentials and use "client impersonation" to create a thread running as the user. But I don't know how to have SP also grant that thread SE_MANAGE_VOLUME_PRIVILEGE.

Method 2: If SP is handed the user's credentials, can it use them to set up transparent access for itself to the network share, so that it can call OpenVirtualDisk(...) itself?


There are 0 answers