Is it possible to create a Windows 10 account that can be used in a C# program to read all users directories (if they are not encrypted)? I'm looking to create an account that I can use to look for duplicate images across user profiles. The following code gives me an access denied on the the Documents and Settings folder even when I run the code in an elevated manner.
DirectoryInfo diInfo = new DirectoryInfo(#"C:\Users");
var dirs = diInfo.EnumerateDirectories("*", SearchOption.AllDirectories);
I get an UnauthorizedAccessException with this code even though I can access all of the folders within the Users directory through Windows Explorer. In the application manifest file I have the requestedExecutionLevel set as follows:
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
I noticed in Explorer I have to click on Permanently get access to this colder. Is there a way to do this in C#?
You need administrator rights to do this.
The "highestAvailable" level may provide these, but only if you run the program as an administrator.
Using the "requireAdministrator" level may be the better alternativ here. The system will prompt for credentials if the process is not running with administrative permissions.
Note: For Debugging you might need to run your IDE as an administrator
Related
I need to write files into a folder using c# that is outside of root folder on IIS 7.
I have made the folder and given IIS_IUSRS and the app pool users all rights on the folder but I always get UnauthorizedAccessException when I try to write to it.
Everything I googled says the solution is virtual directory, but I cant have the folder emptied every time I publish the web.
Is there a solution to this?
You also need to grant file access permissions to the NETWORK SERVICE account.
I searched about this on internet but could not find exact answer.
In my application, I have a functionality which copies the files in folder (say pqr) to the location where user wanted. The location of source folder is the location of installed application (say c:\Program Files\abc\pqr).
When user is logged in to the machine with 'administrator rights', user is able to use this functionality. But when the user is logged in to the machine with having 'User rights' (non-admin user), this functionality throws exception that access to c:\Program Files\abc\pqr folder is denied.
I tried to elevate user privileges by using below attributes to copy method:
[PrincipalPermission(SecurityAction.Demand, Role = #"BUILTIN\Administrators")]
[PermissionSet(SecurityAction.Demand, Name="FullTrust")]
I also tried adding manifest file with below changes:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
But none of the approach worked.
Then I installed my application on D drive. And after that when I tried with the non-admin user the functionality worked as expected.
So when the application is installed in C:\Program Files, functionality was not working for non-admin user.But after installing the application to another location it worked for non-admin user.
So my question is, is it possible to give the rights if C:\Program Files to non-admin user programmatically in the application or we need to have admin users for using this functionality?
Changing the manifest is most simple way to elevate privileges. Change it in VS. But it is bad practice to require admin privileges for regular software.
You can make program folder accessible for all users during install. For example it can be made with InnoSetup with Permissions: users-modify in [Files] group.
If the source files are in Program Files and you copy in another location, probably the problem is in wrong file access when opening source files. Open for reading only.
var startInfo = new ProcessStartInfo("yourApplication.exe") { Verb = "runas" };
Process.Start(startInfo);
Environment.Exit(0);
or
application.exit();
if you are using winforms
but be careful to excute this code one time because if you put it in the load event you will get overflow in memory
I've been programming in C# for quite sometime now. I've got lot of help from you'll during the past few days. But I'm stuck here...
I have built an .exe file and changed the manifest so that on execution it needs administrative privileges. I changed the following in the manifest
requestedExecutionLevel level="requireAdministrator" uiAccess="false"
This would prompt a UAC window which would inform the user that the .exe file requires admin privileges.
Now, I've made my .exe file to copy itself in another location on the local machine. But the catch is, the copied file also requires admin privileges when I run it. I want to edit the privileges of that copied file. I want the copied file to have no such constraint of admin privileges. I want to make it run normally.
I need this done because I've made the .exe file to change the registry which calls the copied .exe file at every startup. I've noticed that with the copied .exe file having admin privileges, the registry tweak doesn't work. Although it works perfectly when the .exe file doesn't require any admin privileges.
Is there a way out of this?
I've been publishing my game for me and my friend to test and I've started to make a text file in the code to use as an error log but I'm getting some problems and I can't find anything on the internet to help me.
I want it so the user can get the installation files, install it at a custom location, run it through a shortcut and so I can create files where the user installed it for saving the game, an error log and such.
What happens is, I make a clickonce application, but after using the setup.exe the shortcut isn't usable, it just says "program has stopped responding" because it's trying to make a file and I can't run it as administrator. I can only set administrator to the setup.exe, there's just no options for the game's shortcut or any of the clickonce applications. And I have no idea how to let the user choose an installation directory.
I've searched through google and the msdn library but I can't find anything. It says if I don't use clickonce deployment I need another installation package but I can't find anything. I also tried modifying the app.manifest to turn:
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
to
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
but it won't allow me to publish it then because it's a clickonce application and if i turn it off in the security it just turns it back on when i try to publish it. Can someone please tell me my options, I just want a normal game installation like every other game it's driving me nuts I can't find anything.
This is not a direct answer to the question, but it might be what you actually need.
You should be able to create and use files in the ClickOnce applications deployment folder without any security restrictions (no admin rights needed), which you can access with
ApplicationDeployment.CurrentDeployment.DataDirectory
Note that when updating the application all the content in this folder will be rewritten, so you should recreate any log files and such you have.
Edit
Actually, strike that - this msdn article says otherwise: you still need security permissions in order to read and write to this folder.
However, it also says that Isolated Storage is used exactly for this purpose: reading and writing application-specific data in partial trust, such as with un-elevated ClickOnce applications:
Isolated Storage
Isolated Storage provides an API for creating and accessing files by
using a simple API. The actual location of the stored files is hidden
from both the developer and the user.
Isolated Storage works in all versions of the .NET Framework. Isolated
Storage also works in partially trusted applications without the need
for additional permission grants. You should use Isolated Storage if
your application must run in partial trust, but must maintain
application-specific data.
Edit 2
But still, before using isolated storage, try the application deployment directory - it works fine for me!
Similar to: Request Windows Vista UAC elevation if path is protected?
I have a .NET Client Application installed in c:\Program Files (Windows Vista). This application should update itself, but it doesn't because of permission issues. The auto-updater should simply replace a couple of assemblies, but they are all located under c:\Program File and the application throws the following exception:
System.UnauthorizedAccessException:
Access to the path 'C:\Program
Files...' is denied.
I have no control on where the application could be installed and the permission. Is there any workaround for this? Is it possible to request the Administrator rights for a couple of seconds? Is it possible to pop a UAC window? I am pretty sure that there a workaround... Otherwise, how Firefox would be able to update itself?
Thanks in advance for the help and ideas!
Could you use a Click Once deployment method? We use this for an internal application and users have no problems with permissions when we publish a new version. They are prompted to install the update when they launch the app (if a new version exists) and it installs without a hitch.
You can't elevate a process's permissions halfway through, but you can start up another separate process with higher permissions that can do the work for you.
Get your main application to put all the files / installation details into a low-permission temporary location. When you're ready, start up a smaller application whose only job is to copy over those files to the Program Files directory (and maybe restart your main application with the new updates). Mark that application as requiring the needed permission to copy to the Program Files directory or write to the registry (or whatever else is needed).