I'm trying to run powershell script, but during this operation is required administrator rights for powershell.exe.
Using this example everything working successfully
var process = new Process();
const string password = "pwd";
SecureString str;
char[] chArray = password.ToCharArray();
unsafe
{
fixed (char* chRef = chArray)
{
str = new SecureString(chRef, chArray.Length);
}
}
var info = new ProcessStartInfo
{
FileName = "powershell.exe",
//UserName = username,
//Password = str,
//Domain = domain,
UseShellExecute = true,
Verb = "runas",
Arguments = arguments
};
process.StartInfo = info;
process.Start();
but it calls User Account Controll and I should press "OK".
if I comment verb and set shellexecute as false PS console starting with non-administrator rights.
How can I avoid UAC to run powershell.exe with administrator rights?
You have to disable UAC, you can google for instructions. End users of your app will have to deal, but you can ensure your app has admin rights off the jump by altering the manifest.
Related
public static string StartProcess(string cmd, string args, string workingDirectory, string username, string password)
{
// launch system process
ProcessStartInfo startInfo = new ProcessStartInfo(cmd, args);
startInfo.WindowStyle = ProcessWindowStyle.Hidden;
startInfo.RedirectStandardOutput = true;
startInfo.RedirectStandardInput = true;
startInfo.UseShellExecute = false;
startInfo.CreateNoWindow = true;
startInfo.UserName = username;
startInfo.Password = ConvertStringToSecureString(password);
// get working directory from executable path
if (String.IsNullOrEmpty(workingDirectory))
{
startInfo.WorkingDirectory = Path.GetDirectoryName(cmd);
}
else
{
startInfo.WorkingDirectory = workingDirectory;
}
var results = new StringBuilder();
using (var process = Process.Start(startInfo))
{
process.StandardInput.Flush();
process.StandardInput.Close();
var reader = process.StandardOutput;
string lineOut;
while ((lineOut = reader.ReadLine()) != null)
{
results.AppendLine(lineOut);
}
while (!process.HasExited) System.Threading.Thread.Sleep(1000);
}
return results.ToString();
}
I am trying to launch a process from within my IIS application using a different username / password than the one that the IIS application pool is operating under.
The IIS app pool is running under a full admin user, and when the process starts, it completes, the result is return, no issues. When I specify a username / password, the process starts, then immediately closes.
I also have
Application popup: conhost.exe - Application Error : The application was unable to start correctly (0xc0000142). Click OK to close the application.
in my event logs. If I take the above code and put into its own exe file and run it via the desktop using the same admin user IIS is running under, the process starts (using the username / password for the other user) and completes without issues.
It appears to just be limited to IIS. Am I missing something?
For me chaging the user/process id of the application pool of my site worked.
Go to IIS Manager -> app pools -> select your pool -> advanced settings
-> under process model you can set your identity for example to your local admin account.
I want to change the physical path of an application running on my IIS 7 from another application that runs on my IIS . I tried to do this via appcmd.exe. However, this seems to be impossible due to lack of authorization from the asp.net application.
That is basically what I'm trying to do
private static string Execute(string IISAppName, string NewIISPath)
{
var winPath = Environment.GetFolderPath(Environment.SpecialFolder.Windows);
var appcmdPath = Path.Combine(winPath, "system32", "inetsrv/appcmd.exe");
var arg = "set app /app.name:\"" + IISAppName + "\" /[path='/'].physicalPath:" + NewIISPath;
ProcessStartInfo startInfo = new ProcessStartInfo(appcmdPath, arg)
{
WindowStyle = ProcessWindowStyle.Hidden,
RedirectStandardOutput = true,
UseShellExecute = false,
CreateNoWindow = true
};
Process process = Process.Start(startInfo);
var textResult = process.StandardOutput.ReadToEnd();
process.WaitForExit();
return textResult;
}
textResult is an empty string.
Any ideas?
The AppPool for the ASP.NET site would have to be configured to run as a user with admin privilege on the box to execute that script. In almost all cases, this is a bad idea for security reasons.
I am developing an App where I need to Run Git Command from C#. I used Process to run Commands if I am passing user Name and password then Is says UserName or Password is Incorrect but it actual working Conventional. Below is my Code:-
public static void PullCode(string gitCommand)
{
string strPassword = "Password";
ProcessStartInfo gitInfo = new ProcessStartInfo();
Process gitProcess = new Process();
gitInfo.CreateNoWindow = true;
gitInfo.UserName = "UserNAme";
gitInfo.Password = Misc.ConvertPassword(strPassword);
gitInfo.UseShellExecute = false;
gitInfo.FileName = #"C:\Program Files (x86)\Git\bin\git.exe"; //git repostory directory path
gitInfo.Arguments = gitCommand; //git command such as "fetch orign"
gitInfo.WorkingDirectory = #"E:\Code Demo\testrepo"; //YOUR_GIT_REPOSITORY_PATH Where you want to Copy Data
gitInfo.RedirectStandardError = true;
gitInfo.RedirectStandardOutput = true;
using( var proc = new System.Diagnostics.Process() )
{
proc.StartInfo = gitInfo;
proc.Start();
var output = proc.StandardOutput.ReadToEnd();
var error = proc.StandardError.ReadToEnd();
var logRaw = string.IsNullOrEmpty( output ) && !string.IsNullOrEmpty( error )
? error.Split( '\n' ).ToArray()
: output.Split( '\n' ).ToArray();
proc.WaitForExit();
proc.Close();
}
}
You have two options. The first one is to set the configuration for your git repo (or globally) to use the git askpass witch is "git config core.askpass git-gui--askpass". Call this as the first command for your process. The drawback here is that each time you do a modifying command it will ask for password.
Or you can have your own executable witch will ask for password once, and have the option to store the password into your application. But here you will have to be careful since if you don't store it properly it will be a security risk.
I need to ensure that my widnows app (winform not console) runs under a certain user account (in other words any user can be logged on to the maching but the .exe will always execute as the specified user).
Can this be done programtically? If so, how?
You can start the application like this:
ProcessStartInfo psi = new ProcessStartInfo(myPath);
psi.UserName = username;
SecureString ss = new SecureString();
foreach (char c in password)
{
ss.AppendChar(c);
}
psi.Password = ss;
psi.UseShellExecute = false;
Process.Start(psi);
One thing you could do in your app is check if you're running as the desired user, and if not, create a new instance of your app as that other user. The first instance would then exit.
To check which user you are running as, you could adapt the solution from here so that the process queries itself for its token information.
Use CreateProcessWithLogonW, passing the LOGON_WITH_PROFILE login flag. The user you are logging in as must have the appropriate policies set to be allowed to log on interactively.
EDIT: Now that you have indicated that you are using .NET, here's how you should do it:
First you need to find out which user you are currently running as. Use the WindowsIdentity class from the System.Security.Principal namespace. Call its GetCurrent method to obtain the WindowsIdentity object for the user that you are running as. The Name property will give you the actual user name that you are running under.
In your ProcessStartInfo object, set LoadUserProfile = true, the FileName field, possibly the Arguments field, the UserName and Password fields, possibly the Domain field, and set UseShellExecute = false. Then call Process.Start(), passing in your ProcessStartInfo object.
Here's a sample that I threw together, but I don't have a C# compiler installed to test it:
using System;
using System.Diagnostics;
using System.Security;
using System.Security.Principal;
// Suppose I need to run as user "foo" with password "bar"
class TestApp
{
static void Main( string[] args )
{
string userName = WindowsIdentity.GetCurrent().Name;
if( !userName.Equals( "foo" ) ) {
ProcessStartInfo startInfo = new ProcessStartInfo();
startInfo.FileName = "testapp.exe";
startInfo.UserName = "foo";
SecureString password = new SecureString();
password.AppendChar( 'b' );
password.AppendChar( 'a' );
password.AppendChar( 'r' );
startInfo.Password = password;
startInfo.LoadUserProfile = true;
startInfo.UseShellExecute = false;
Process.Start( startInfo );
return;
}
// If we make it here then we're running as "foo"
}
}
I have a process that needs to run under administrative privileges. I need the average joe to run the process, but I don't want to give everyone access... so I've created a simple class that will run this ONE task as an administrator, using impersonation.
The code is VERY striaght-forward, but I can't understand why this is crashing. HELP??!!
I'm running this via a batch file, and I've even copied the file that needs to execute to the local hard drive, thinking this might be a permission issue for running an app over the network.
public static Process ImpersonateProcess(string exe, string args, string Username, string Password)
{
ProcessStartInfo psi = new ProcessStartInfo(exe);
psi.Arguments = args;
psi.UseShellExecute = false;
psi.UserName = Username;
psi.Password = new SecureString();
foreach (char c in Password.ToCharArray())
{
psi.Password.AppendChar(c);
}
Process proc = null;
Console.WriteLine("starting...");
proc = Process.Start(psi);
Console.WriteLine("started");
return proc;
}
In the code above, I never get to "started". It throws an error in the Process.Start(psi) and with an error message of "the directory name is invalid."
It could be because you're not setting the WorkingDirectory property. According to the
docs:
Important Note:
The WorkingDirectory property must be set if UserName and Password are provided. If the property is not set, the default working directory is %SYSTEMROOT%\system32.