I am attempting to start a hidden console application, but require the application to have elevated privileges.
I have successfully managed to have the UAC prompt appear, however can't get it to appear when I try to start the process hidden.
ProcessStartInfo proc = new ProcessStartInfo();
proc.UseShellExecute = false;
proc.FileName = "C:/example.exe";
proc.CreateNoWindow = true;
proc.Verb = "runas";
This will result in a process starting in the background, except without a prompt appearing (and without elevated priveleges). If I change UseShellExecute to true, then the UAC prompt appears, however the console window is visible too.
You need to set WindowStyle to ProcessWindowStyle.Hidden, as Jexus Manager shows,
https://github.com/jexuswebserver/JexusManager/blob/be90688abd03780a714dc401054e22fa4afa2be3/Microsoft.Web.Administration/IisExpressServerManager.cs#L41
Related
I know this question was asked before over and over, but I couldn´t find a solution that worked for me.
my application needs to do some modification in the program files folders. It starts as a regular user. I found out that adding the app.manifest helps. So here´s part of my code:
ProcessStartInfo info = new ProcessStartInfo();
info.FileName = "cmd.exe";
info.Arguments = #"/c echo abc > ""%programfiles(x86)%\testfile.txt"""
info.CreateNoWindow = true;
info.UseShellExecute = false;
info.RedirectStandardOutput = true;
info.RedirectStandardError = true;
info.WorkingDirectory = #"C:\Temp";
Process proc = new Process();
proc.StartInfo = info;
proc.Start();
Console.WriteLine(proc.StandardOutput.ReadToEnd());
Console.WriteLine(proc.StandardError.ReadToEnd());
proc.WaitForExit();
In my app.manifest this is what is relevant:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
If the user executing the application is a regular user, a UAC prompt will pop up requesting username and password (because of the manifest). Now, if I start the application with an admin user (using psexec for example)...
psexec.exe -u Username -p Password cmd /c myapp.exe
... I thought it would run like a charm, but instead it pops up a slightly different message asking me to confirm that I want the program to run (without fields for username and password). If I say yes, it runs fine.
What I want is that it runs with admin privileges, without any prompt, and without disabling UAC on registry for example. Is that even possible?
I have c# web application project in which i want to install user uploaded .ttf font files into system.
I am using FontReg for the same. We can execute by using command line parameters as D:\TFS\Dev\Sprint_18_III\UI\Web\FontFiles>FontReg /copy so it will install all .ttf files present in directory
same this i am trying to achieve in c# code
using (Process process = new Process())
{
ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.Verb = "runas";
startInfo.WindowStyle = System.Diagnostics.ProcessWindowStyle.Hidden;
startInfo.FileName = "D:\\TFS\\Dev\\Sprint_18_III\\UI\\Web\\FontFiles\\FontReg.exe";
startInfo.Arguments = "/copy";
process.StartInfo = startInfo;
process.Start();
process.WaitForExit();
}
Process gets completed but font doesn't install. What i am missing here ?
I dont want to give admin rights to entire web application running. It should be specific to one method only.
I believe that you are running the program with a under-privileged user... the IIS user, by default is "Network Authority", and this account cannot perform changes in the windows directory... try running this with a admin account...
I'm working on an application in C# that should start a process in the command prompt window, but hide the window, when the user logs on.
At this point, the application is configured to launch on a Terminal Server when users log on. The application starts, but the process in the command prompt fails to launch (I can tell by looking at the task manager). If I end-task on the application and start it by double-clicking the application itself, it starts the process hidden as I expect.
Any ideas why it won't work if launch as part of a logon script, but will if I launch it manually?
System.Diagnostics.ProcessStartInfo procStartInfo = new System.Diagnostics.ProcessStartInfo("cmd.exe", "/c " + LaunchCommand);
procStartInfo.WindowStyle = ProcessWindowStyle.Hidden;
System.Diagnostics.Process process = new System.Diagnostics.Process();
process.StartInfo = procStartInfo;
process.Start();
//Where LaunchCommand contains C:\MyService.exe
This outputs the data to Visual Studios command window, try using
Console.[the command]
I have a winforms app that installs other apps in a loop. This works properly on an administrator account in Windows 7, but I have serious issues in a standard account - the app requires elevation in order to write to "Program Files(x86)" folder.
Therefore I am trying to ask for elevation for a specific method (the one that runs the installers) in a winforms c# app, using this code:
[System.Security.Permissions.PrincipalPermission(System.Security.Permissions.SecurityAction.Demand, Role = #"BUILTIN\Administrators")]
After receiving an error, I learned from the web that before calling the method which carries the above attribute, I need to write this:
AppDomain.CurrentDomain.SetPrincipalPolicy(PrincipalPolicy.WindowsPrincipal);
I did this, and the method still throws the following error:
Request for principal permission failed.
Step by step debugging passes the SetPrincipalPolicy line but, when it reaches the method with the Demand atribute, it just throws the same error, as if the SetPrincipalPolicy never existed.
Am I doing something wrong in setting the Demand attribute properly?
Thank you in advance.
LATER EDIT: as requested here is the code that is supposed to trigger the elevation request when installing the app silently (but does not work):
WindowsPrincipal principal = new WindowsPrincipal(WindowsIdentity.GetCurrent());
bool hasAdministrativeRight = principal.IsInRole(WindowsBuiltInRole.Administrator);
if (!hasAdministrativeRight)
{
ProcessStartInfo psi = new ProcessStartInfo(file);
psi.WindowStyle = ProcessWindowStyle.Hidden;
psi.UseShellExecute = true;
psi.Verb = "runas";
//psi.CreateNoWindow = true;
psi.Arguments = modifiers;
try
{
using (Process process = Process.Start(psi))
{
process.WaitForExit();
if (process.HasExited)
return process.ExitCode;
}
}
catch (Win32Exception wex)
{
}
}
What I need, is for that process to pop a dialog asking for username and password for admin, if the app was ran under a Windows Standard User. Only the process started programmatically above should run as admin, the main app itself can remain as a standard user.
This is just not the way UAC works. It is process based, the user only ever gets the "please let me mess with your machine" prompt when you start a new process. With the proper incantation of "I need the user's consent to mess with the machine, please say Yes" signal embedded in the program. Which you do by this answer.
Death to the idea of making it method based. Unreasonable to a programmer, makes sense to a user. User wins.
You can either force your app to always run as an admin. This is how you do that. It is not recommended however for your app to need admin privileges to run.
If you start a Process to run the installer, you can check here how to run the process as an admin.
A third option which Visual Studio uses is that when you do something where you need admin privileges you are prompted to restart the app and it then restarts the app as an admin and you can perform the tasks. Just use the code from the second way to start your app.
The method you've posted to run as admin will check if the user is admin and then start the process as an admin. If the user doesn't have admin rights the app won't even start. A better solution is to always try to run the process as an admin. Then the user will get an UAC prompt with password and username, which an admin can fill in.
public static int RunAsAdmin(string fileName)
{
ProcessStartInfo psi = new ProcessStartInfo(fileName);
psi.WindowStyle = ProcessWindowStyle.Hidden;
psi.UseShellExecute = true;
psi.Verb = "runas";
psi.Arguments = modifiers;
try
{
using (Process process = Process.Start(psi))
{
process.WaitForExit();
if (process.HasExited)
return process.ExitCode;
}
}
catch (Win32Exception wex)
{
}
return 0;
}
I have a program that needs to run as a normal user most of the time, but once in a while I need to stop and start a service. How do I go about making a program that runs as a normal user most of the time but elevates into administrator mode for some function?
You can't elevate a process once its running but you could either :-
Restart the process as elevated
private void elevateCurrentProcess()
{
ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.UseShellExecute = true;
startInfo.WorkingDirectory = Environment.CurrentDirectory;
startInfo.FileName = Application.ExecutablePath;
startInfo.Verb = "runas";
try
{
Process p = Process.Start(startInfo);
}
catch
{
// User didn't allow UAC
return;
}
Application.Exit();
}
This method means that your process continues to run elevated and no more UAC promopts - both a good and a bad thing, depends upon your audience.
Put the code that requires elevation into a seperate exe
Set the manifest as requireAdministrator and start it as a separate process. See this sample code
This method means a UAC prompt every time you run the operation.
Best method depends upon your audience (admin types or not) and frequency of the elevated operation.
As far as I know, you need to start a seperate process that runs as the administrator. You can't elevate a process once it's already been started.
See this question.
You need to use what is referred to as Impersonation..
[http://support.microsoft.com/kb/306158][1]
The above shows how it would be accomplished for an ASP.Net app, but the code is probably near identical for your needs.