I'm currently working on a UWP app that has an out-of-process background task (in a windows runtime component project). In the background task I'm trying to run a trace event session from the Microsoft.Diagnostics.Tracing.Session library, but it requires administrator privileges to run. Is there any way I can run the background task process as administrator?
hi maybe this answer will help you.
Hi,
No, auto-elevation for apps is not supported for Desktop Bridge apps.
This policy is called out in the preparation guide for the Desktop Bridge: https://learn.microsoft.com/en-us/windows/uwp/porting/desktop-to-uwp-prepare(bullet #2)
But you could tell users to run your app as admin.
The user can choose to run your app as admin by right click your app and choose more and you could find the option as Run as Administartor
Best regards,
Currently, UWP apps don't have the option to Run as administrator.
Another thing that needs to say is that with the 1809 update for Windows 10, desktop bridge apps can now declare a new capability -allowElevation in order to require elevation.
Related
I work at a company in which we need to restrict administrative access but allow the install of select programs with an easy way to update the list of programs. We want to develop a sort of appstore for everyone's PC where they can access the list of allowed apps and install what they need. We want to write this in C#.
To do this i have initially developed a windows service that starts as a localhost and runs at boot time giving it admin powers. I than use an application which talks to the windows service via a service hosted by the windows service. Long story short its told what app the user wants from the list and the list provides the file path for the application stored on a private repository.
This is a sort of very very early attempt at this and security is in mind and will be added once the concept functions.
Now onto the problem were having.... when we launch the installer using our service the installer window never launches in the desktop for the user to configure the options that could be in an installer. This of course poses a problem for a lot of our installers. After some quick research i understand why this happens due to what level the services run in the operating system and their inability to access the desktop.
My question is..... is there a way to solve this problem? a way to have a service launch at bootime and launch installers as an administrator on the users desktop? or is this too messy and creates too many issues? is there a way to do this with a console app or WPF?
Thanks in advance!
Indeed like what you found about windows services, I don't think this whole flow can work as a service. There seems to have some workarounds though, according to this thread: How can I run an EXE program from a Windows Service using C#?
If it's an app-store where users can choose what to install, maybe an application is all that's needed. Like you said:
I than use an application which talks to the windows service via a service hosted by the windows service. Long story short its told what app the user wants from the list and the list provides the file path for the application stored on a private repository.
Seems like an application can handle all the works here already.
I'm working on creating custom Cortana commands. The commands are registered and executed using a Universal Windows Platform Application. (GitHub)
For instance, I've registered the following command
<Command Name="ShutDown">
<ListenFor>Shut down</ListenFor>
<Navigate/>
</Command>
To run this function in a UWP application
static async void ShutDown()
{
var dialog = new MessageDialog("This is where I would shut the computer down.");
await dialog.ShowAsync();
//System.Diagnostics.Process.Start("Shutdown", "-s -t 10");
}
But after setting this up I learned System.Diagnostics.Process isn't supported in UWP.
The custom commands I want to run involve some sort of execution such as launching external programs, running other scripts, or opening websites.
It makes sense that UWP doesn't support them given that it's universal and an XBox or a phone might not be able to do these, but I was hoping there was some alternative or hacky way to accomplish this on a Windows 10 PC.
Is there a way for me to execute Process commands or something else with similar functionality in a UWP application? It seems like even though I can get Cortana to execute my C# code, UWP doesn't support much that would be useful in this situation.
Thanks in advance.
There are - limited - ways to achieve similar behavior.
You could use LaunchUri to trigger other apps which registered for a certain URI-Scheme. This should work for your webbrowser scenario. More details here:
https://msdn.microsoft.com/en-us/library/windows/apps/windows.system.launcher.launchuriasync.aspx
You could trigger another app and get results back from it using LaunchForResults. The called app has to support this. More details here:
https://msdn.microsoft.com/en-us/library/windows/apps/mt269386.aspx
You could trigger App Services provided by another app. The called app has to support this. The app service will be executed in background. ( I think this is pretty cool.) More details here:http://blogs.msdn.com/b/mvpawardprogram/archive/2015/06/11/writing-windows-10-app-services-in-javascript.aspx
This is a little hacky: I'm not sure if this still works but it did work for Windows 8.1: You could create a so called "Brokered Component". This allows you to trigger everything from you app on you machine, but you won't be able to publish a brokered component into the store. This also allowed Process.Start() on Windows 8.1. It only worked for sideloaded apps. I'm not sure if it still works on Windows 10.
More info here: https://msdn.microsoft.com/en-us/library/windows/apps/dn630195.aspx
Summary:
Starting another app is pretty easy as long as the target app registered as app service or registered a protocol handler (Uri scheme).
Starting scripts or other *.exe is impossible if option 4 doesn't work any longer.
With the Windows 10 Anniversary Update (1607) there is an option to enable this scenario on PC. With this API in the Desktop Extension SDK you can launch a fulltrust process that runs at the full user privileges:
https://learn.microsoft.com/en-us/uwp/api/Windows.ApplicationModel.FullTrustProcessLauncher
This way you can light it up on the platforms where it is supported, i.e. PCs running 1607 or above. And your app will still be universal:
if (ApiInformation.IsApiContractPresent("Windows.ApplicationModel.FullTrustAppContract", 1, 0))
{
await FullTrustProcessLauncher.LaunchFullTrustProcessForCurrentAppAsync();
}
I'm working on creating custom Cortana commands. The commands are registered and executed using a Universal Windows Platform Application. (GitHub)
For instance, I've registered the following command
<Command Name="ShutDown">
<ListenFor>Shut down</ListenFor>
<Navigate/>
</Command>
To run this function in a UWP application
static async void ShutDown()
{
var dialog = new MessageDialog("This is where I would shut the computer down.");
await dialog.ShowAsync();
//System.Diagnostics.Process.Start("Shutdown", "-s -t 10");
}
But after setting this up I learned System.Diagnostics.Process isn't supported in UWP.
The custom commands I want to run involve some sort of execution such as launching external programs, running other scripts, or opening websites.
It makes sense that UWP doesn't support them given that it's universal and an XBox or a phone might not be able to do these, but I was hoping there was some alternative or hacky way to accomplish this on a Windows 10 PC.
Is there a way for me to execute Process commands or something else with similar functionality in a UWP application? It seems like even though I can get Cortana to execute my C# code, UWP doesn't support much that would be useful in this situation.
Thanks in advance.
There are - limited - ways to achieve similar behavior.
You could use LaunchUri to trigger other apps which registered for a certain URI-Scheme. This should work for your webbrowser scenario. More details here:
https://msdn.microsoft.com/en-us/library/windows/apps/windows.system.launcher.launchuriasync.aspx
You could trigger another app and get results back from it using LaunchForResults. The called app has to support this. More details here:
https://msdn.microsoft.com/en-us/library/windows/apps/mt269386.aspx
You could trigger App Services provided by another app. The called app has to support this. The app service will be executed in background. ( I think this is pretty cool.) More details here:http://blogs.msdn.com/b/mvpawardprogram/archive/2015/06/11/writing-windows-10-app-services-in-javascript.aspx
This is a little hacky: I'm not sure if this still works but it did work for Windows 8.1: You could create a so called "Brokered Component". This allows you to trigger everything from you app on you machine, but you won't be able to publish a brokered component into the store. This also allowed Process.Start() on Windows 8.1. It only worked for sideloaded apps. I'm not sure if it still works on Windows 10.
More info here: https://msdn.microsoft.com/en-us/library/windows/apps/dn630195.aspx
Summary:
Starting another app is pretty easy as long as the target app registered as app service or registered a protocol handler (Uri scheme).
Starting scripts or other *.exe is impossible if option 4 doesn't work any longer.
With the Windows 10 Anniversary Update (1607) there is an option to enable this scenario on PC. With this API in the Desktop Extension SDK you can launch a fulltrust process that runs at the full user privileges:
https://learn.microsoft.com/en-us/uwp/api/Windows.ApplicationModel.FullTrustProcessLauncher
This way you can light it up on the platforms where it is supported, i.e. PCs running 1607 or above. And your app will still be universal:
if (ApiInformation.IsApiContractPresent("Windows.ApplicationModel.FullTrustAppContract", 1, 0))
{
await FullTrustProcessLauncher.LaunchFullTrustProcessForCurrentAppAsync();
}
At the moment we have .NET WinService started under LocalService user at windows start. The service launch another WinForms Application using Process.Start().
But there are several problems in this solution:
We don't wait for an interactive user logon and the Application falls because it tries and fails to initialize DirectX device.
Application launched under LocalService perfectly interacts with user desktop in Windows XP. But it doesn't work in Windows 7 because of there are different graphic stations for each user in win7.
Sometimes we need to run application with current interactive logon user rights.
Does anybody know how to wait for user interactive logon in the service and start WinForms Application with these user rights?
I think this helps to solve all problems.
You will need a separate client app. Check out this document, page 6: http://msdn.microsoft.com/en-us/windows/hardware/gg463353.aspx.
For your monitoring/restart scenario look at CreateProcessAsUser as mentioned in the document. You will almost certainly need to have your client app coordinate with the service for this, and it's still pushing a square peg into a round hole.
I would try using a combination of the answers above.
To solve #1
At user logon, launch the Winforms application using autostart in registry or startup folder. Make it notify the service that it was started successfully.
To make sure that the Winform app is started successfully after user log on:
Have your service that checks if application is started running in the background as you have now but don't let it do the initial startup.
Instead just let it register when user logs on, should be possible to do by listening to OnSessionChange.
Set a delay for X number of seconds to allow the login/startup process finish before it starts checking for a running application (ok maybe not the best solution).
If the service discovers that the application is not started or crashes, restart it from the service using the method Mark points out, CreateProcessAsUser.
Is it possible that this just isn't the right approach for what you're trying to do? It seems possible that you'd be better off putting the monitoring logic or whatever has the uptime requirements into the service so that it's "always on" so to speak. Then you would be left with UI logic in the WinForms app, which could be open or closed with no ill effect.
Basically i need the way to just have a popup schedule to open every morning when the user log in his computer. an application to install in his computer. I am not quite sure what to use? Any direction
The 2 ways I have done something similar to this using Visual Studio and .net language are:
1) creating a Windows Service
2) creating a Console Application that runs from the task scheduler as described by user 281693
IMO Console app + task scheduler is easiest. Windows Service requires a bit more setting up.
It can be done using Windows Task Scheduler. Go to Windows Scheduler. Add a task and select to run it when user logs on.