Non-Admin user shown in UAC prompt - c#

The following code checks for an admin user:
Text = new WindowsPrincipal(WindowsIdentity.GetCurrent()).IsInRole(WindowsBuiltInRole.Administrator).ToString();
Process p = new Process
{
StartInfo = new ProcessStartInfo
{
Verb = "runas",
FileName = "notepad",
}
};
p.Start();
When executed by my non-admin user, the first part shows "false" as expected. But in the UAC prompt - one of the "administrators" is my own account. How can that be?
(This only happens with one non-admin account. Not others on this computer. And is not offered as an option to them when executed from other accounts - they only see the real admins.)
Using a Windows 7 (x64) PC that is not connected to any other computer or domain (besides a wireless connection to the router). This was not the case until recently. Might it be that during installation of VS 2013 + Team Foundation Server somehow the account got partial Admin rights? Do partial admin rights even exist? (And yes. I've rebooted.)

Related

Runas verb not elevating on specific Windows 10 machines

I have a really odd issue, where some code that we have been running for years has stopped working on certain machines. There is no obvious pattern to the machines (in terms of Win10 build number or patch level).
The code is designed to run an application as the local administrator, and is as follows:
string strPwd = "MySecretPassword";
SecureString securePassword = new SecureString();
foreach (char ch in strPwd)
{
securePassword.AppendChar(ch);
}
ProcessStartInfo processInfo = new ProcessStartInfo();
processInfo.UserName = "Administrator";
processInfo.Password = securePassword;
processInfo.Verb = "runas";
processInfo.FileName = "cmd.exe";
processInfo.WorkingDirectory = #"c:\windows\system32";
processInfo.UseShellExecute = false;
Process.Start(processInfo);
If I run this on a "working" machine, I see the following (note, the echo test > c:\test.txt is how I am testing whether it can perform a restricted task):
Note the "Administrator" on the CMD window. Also, note that creating a file at the root of c: is allowed.
In comparison, if I run the same on another machine I get the following:
Note that in this case (running exactly the same code) the window is not running elevated. Oddly, if I look at the process in Task Manager, the owner is Administrator.
On both machines:
I am using the default Administrator account
The password is correct
The account is in the Administrators group
The account is not disabled
Furthermore, on the "bad" machine, if I right-click and choose RunAs and enter the Administrator credentials - it works perfectly. (Same result as in the first picture above.)
As an additional test I've tried using the DOS runas command and this doesn't work on the "bad" machines either. The result is slightly different though:
Note in this case the "Running as Administrator" in the title bar. (The same test on a "good" machine gives the same result as in the first picture above, i.e.: Administrator: C:\windows\system32\cmd.exe)

How can a C# program run another program with admin privileges?

I have a problem with this situation:
I made 2 programs:
The first one just print an output saying that was launched with admin provileges or not, and the second one, execute the first program with admin privileges and without use the UAC. The trouble is that the second program can't launch the first with admin privileges i don't know why.
This is my code:
Code of the first program:
// This only prints if you start as administrator or not.
bool isElevated;
WindowsIdentity identity = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(identity);
isElevated = principal.IsInRole(WindowsBuiltInRole.Administrator);
Console.WriteLine("I got admin privileges?: "+isElevated);
Code of the second program:
// This execute the first program with admin privileges without UAC
string username = "myuser";
SecureString userpass = new SecureString();
userpass.AppendChar('m');
userpass.AppendChar('y');
userpass.AppendChar('p');
userpass.AppendChar('a');
userpass.AppendChar('s');
userpass.AppendChar('s');
Process program = new Process();
program.StartInfo.UserName = username;
program.StartInfo.Password = userpass;
program.StartInfo.FileName = "Path/First_program.exe";
program.StartInfo.UseShellExecute = false;
program.Start();
PD: I don't want the user to open the UAC, thats why i already insert the username and the password.
Thanks in advance.
You have half of the answer. The other half is that the program must request to be executed with elevated privileges. By default, Windows programs run in a "Basic" trust level, regardless of the true level of permissions possible under the user. To gain access to administrative powers, the program must request elevation, which by definition will involve UAC.
Programs like yours can request elevation using the runas verb in the ProcessStartInfo, or by specifying requireAdministrator elevated permissions in the manifest of either application (assuming you control them). Either way, if UAC is enabled, the user will get a prompt.
The only way to circumvent this is to set up the program that would otherwise require elevated permissions as a Windows service, configured in services.msc to run with administrative permissions. You'll get one UAC prompt when installing/registering the service to run in this way, and from then on the service can perform that task without any further UAC action. You can then use various communication technologies, from named pipes to true network comms like TCP, to signal the service that it should do what you want.

Launching separate program as a local admin account using Process.Start

We have a piece of software used in our business that requires admin rights to run. However the staff are not allowed access to accounts with admin rights. This is within a windows 7 environment.
We have set-up a local admin accounts on the required computers through GPO.
The aim of the software I am creating to to launch the software that requires admin rights as this local admin account.
So far the software is working correctly in that it is launching the software as the account but it is still giving the errors that it gives when it does not have admin rights. If you right click and runas on the software and type in the account details manually it works fine.
SecureString pwd = new SecureString();
foreach (char c in "somepassword") { pwd.AppendChar(c); }
var psi = new ProcessStartInfo
{
FileName = location,
UserName = "localadminaccountname",
Domain = Environment.MachineName,
Password = pwd,
UseShellExecute = false,
Verb = "runas"
};
try
{
Process.Start(psi);
}
There is an exception catch statement with error reporting included with the code. There are no exceptions thrown when Process.Start(psi) is called. (Updated)
Thanks.
EDIT
The company build of windows 7 has User Access Control set to "Never Notify" so no UAC pop-up is shown when Process.Start(psi) is called.
If UAC is set to "Never Notify" then it is disabled - the user runs with the maximum set of privileges.
That means that if the user is an admin account, using the "runas" verb is unnecessary. It also means that if the user is NOT an admin account, it's possible that your application may stil fail to work (because the user can't elevate and OTS (over-the-shoulder) elevation is disabled.
Have you tried setting 'Load user profile' true for the IIS app pool? I had a similar situation. This worked for me.
Refer for more info:
Security exceptions in ASP.NET and Load User Profile option in IIS 7.5

How to run any exe with administrator privileges?

I am using makecert to create certificate i need to do it though c# program the command doesnot execute as it requires administrator privileges.
Please suggest me how to run any exe using administrator privileges in windows 7?
If possible than just suggest me the sample code.
Does th o.s. really matters in my case?
Another hint again is using UAC( User Account Control) from the code. Very interestimg source IMHO is this one http://victorhurdugaci.com/using-uac-with-c-part-1/
You can use the RunAs:
http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/runas.mspx?mfr=true and select an account with the required permissions.
Use the runas verb when starting the process:
ProcessStartInfo info = new ProcessStartInfo(path) { Verb = "runas" };
Process p = Process.Start(info);
This assumes that you are running as a user in the administrator group. In that case the UAC dialog will be shown when the process starts.
Change the manifest of the C# application so that it requires adminstrator privileges. UAC should do the rest to prompt the user and elevate the process.

How to start a Console App as running under the System Windows user account?

I tried
var process = new Process
{
StartInfo = new ProcessStartInfo
{
FileName = filename,
UserName = "System",
UseShellExecute = false,
},
};
process.Start();
but it yields
Win32Exception was unhandled
Login failed: unknown user name or wrong password
I will have to use CreateProcessAsUser?
How can I get the appropriate parameters to pass to that method?
The System accounts password is maintained interally by Windows (I think) i.e. attempting to start a process as the System account by supplying credentials in this way is ultimately destined to failure.
I did however find a forum post that describes a neat trick that can be used to run processes under the system account by (ab)using windows services:
Tip: Run process in system account (sc.exe)
Alternatively the Windows Sysinternals tool PsExec appears to allow you to run a process under the System account by using the -s switch.
The Username should be LocalSystem if you want to run your process with high privileges (it's a member of Administrators group) or LocalService for normal privileges
EDIT: My mistake LocalSystem & LocalService are not regulary users and, therefore, they cannot be provided as a username. Kragen's solution is the right one

Categories