I did it as the following:
1.Get the session if of the active console user (WTSGetActiveConsoleSessionId)
2.Get the user's token (WTSQueryUserToken),the user has administrator privilege
3.duplicate the token ((DuplicateTokenEx)
4.Get the linked token of ther user token. The linked token has admin privilege.
-----------------------------------------------------------------------------------------------------------------------------------------
TOKEN_LINKED_TOKEN admin;
GetTokenInformation(hUserToken, TokenLinkedToken, &admin, sizeof(TOKEN_LINKED_TOKEN), &len)) ;
HANDLE AdminToken = admin.LinkedToken;
--------------------------------------------------------------------------------------------------------------------------------------------
5. create the user process (createProcessAsUser)