I 've an aplication which puts another application in startup.
I've put the latter exe in startup using the following
code:
string strExeFilePath = System.Reflection.Assembly.GetExecutingAssembly().Location;
string strWorkPath = System.IO.Path.GetDirectoryName(strExeFilePath);
using (RegistryKey key = Registry.CurrentUser.OpenSubKey("SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Run", true))
{
key.SetValue("my_service_name", strWorkPath + "\\MyProgram.exe");
}
It successfully put the entry in regedit. 'my_service_name' is listed in the 'startup' tab of the Task Manager also, But its in 'Disabled' state.
How can I enable it programmatically while adding to regedit? Why is it not 'Enabled' by default?.
I have this code but I don't seem to understand exactly the purpose of the permission Demand method
RegistryPermission registryPermission = new RegistryPermission(RegistryPermissionAccess.AllAccess, #"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run");
registryPermission.Demand();
RegistryKey regKey = Registry.LocalMachine.OpenSubKey(#"SOFTWARE\Microsoft\Windows\CurrentVersion\Run", RegistryKeyPermissionCheck.ReadWriteSubTree);
if (checkBoxLoadStartup.Checked)
{
//make an entry in the registry to make this program run at start up
regKey.SetValue(Application.ExecutablePath.ToString(), Application.ExecutablePath.ToString());
}
else
{
//delete the entry
regKey.DeleteValue(Application.ExecutablePath.ToString());
}
I expected to see a window popping up and asking me to allow the permissions to write the registry. Instead I got an exception. To make it work I added:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
in app.manifest and now I don't see any popups but I'm allowed to change the values.
Is it possible to show a popup asking a question to give permissions to change the registry and based on the given permissions to modify or not the registry key?
Iam asking this question as a series to the below link
Unable to delete .exe file through c#
While i was debugging the application,iam able to delete the .exe file.But when i try to delete the application after installing in the desktop,again iam getting the exception message as "Access is denied".
Edit:-
The code i am using to delete the file
public bool deleteAppExecutable(string filePath)
{
try
{
if (File.Exists(filePath))
{
var di = new DirectoryInfo(AppDomain.CurrentDomain.BaseDirectory);
di.Attributes &= ~FileAttributes.ReadOnly;
SetAccessRule(filePath);
File.SetAttributes(filePath, File.GetAttributes(filePath) & ~FileAttributes.ReadOnly);
File.Delete(filePath);
}
return true;
}
catch (Exception ex)
{
return false;
}
}
public static void SetAccessRule(string filePath)
{
FileInfo dInfo = new FileInfo(filePath);
FileSecurity dSecurity = dInfo.GetAccessControl();
dSecurity.AddAccessRule(new FileSystemAccessRule(Environment.UserName, FileSystemRights.Delete, AccessControlType.Allow));
dInfo.Refresh();
dInfo.SetAccessControl(dSecurity);
}
I found the solution why i am getting the "access is denied" exception in my application.
Since i am deleting a file inside the application through code i need to have the privilege of "Administrator".
One way is to make the user login manually as administrator.But that is not a better option.
Another way is to create an App Manifest file within your project and set the level as "administrator."
Creating App Manifest--> Right click on the project->Add new item-->Select App Manifest option from the right pane->Click ok
Open the manifest file and change the level to "requireAdministartor".
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
This will solve the issue while running the application,it will prompt user to run as administrator.
Hope this will be helpful to someone in future. :)
Check that you have full permissions on the folder the exe is contained in (and all of it's child objects)
I'm creating an application that will modify Windows Services. For some reason however, it won't let me run "cs config SERVICE_NAME set= SETTING" or modify the registry to change the startup setting for a Service since Admin is required. I already gave it full admin access on an admin account.
No matter what I do it will always through an error saying it doesn't have access with the Registry or it won't set it with CMD because it doesn't have permission. The specific Service it gets stuck on is called "DCOM Server Process Launcher"
Here's the security settings in my app's Manifest
<trustInfo xmlns="urn:schemas-microsoft-com:asm.v2">
<security>
<requestedPrivileges xmlns="urn:schemas-microsoft-com:asm.v3">
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
</requestedPrivileges>
<applicationRequestMinimum>
<defaultAssemblyRequest permissionSetReference="Custom" />
<PermissionSet ID="Custom" SameSite="site" />
</applicationRequestMinimum>
</security>
</trustInfo>
This gives it admin rights when it starts up the program. I've even manually right-clicked the file and chose "Run as Administrator" and it still would not work.
To go into the Registry, this is the code and it also contains the CMD Process.
RegistryKey key = null;
key = Registry.LocalMachine.OpenSubKey("SYSTEM\\CurrentControlSet\\Services\\" + service, true); //true should make it Read/Write??
if (key != null)
{
//cmd.issueCmd("sc config " + service + " start= " + setting); //set a service with CMD
key.SetValue("Start", val, RegistryValueKind.DWord); //set a service with Registry
if (setting.Equals("delayed-auto"))
{
key.SetValue("DelayedAutoStart", 1, RegistryValueKind.DWord); //Add the Delayed-Start Registry if needed
}
}
if (key != null)
{
key.Close();
}
return;
Here's the CMD Process code:
//Create a Hidden CMD Prompt to issue commands
ProcessStartInfo processStartInfo = new ProcessStartInfo();
processStartInfo.RedirectStandardInput = true;
processStartInfo.RedirectStandardOutput = true;
processStartInfo.UseShellExecute = false;
processStartInfo.CreateNoWindow = true;
processStartInfo.FileName = "cmd.exe";
processStartInfo.Verb = "runas"; //should give it admin??
cmd = Process.Start(processStartInfo);
I found the solution to this after a lot of research. I used the example provided from this post on codeproject: http://www.codeproject.com/Articles/7665/Extend-ServiceController-class-to-change-the-Start
After setting it up and changing it to how I needed, everything worked fine for all Windows Operating Systems (XP and newer at least).
Once my program is installed on a client machine, how do I force my program to run as an administrator on Windows 7?
You'll want to modify the manifest that gets embedded in the program. This works on Visual Studio 2008 and higher: Project + Add New Item, select "Application Manifest File". Change the <requestedExecutionLevel> element to:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
The user gets the UAC prompt when they start the program. Use wisely; their patience can wear out quickly.
Adding a requestedExecutionLevel element to your manifest is only half the battle; you have to remember that UAC can be turned off. If it is, you have to perform the check the old school way and put up an error dialog if the user is not administrator (call IsInRole(WindowsBuiltInRole.Administrator) on your thread's CurrentPrincipal).
The detailed steps are as follow.
Add application manifest file to project
Change application setting to "app.manifest"
Update tag of "requestedExecutionLevel" to requireAdministrator.
Note that using this code you need to turn off the security settings of ClickOnce, for do this, go inside Properties -> Security -> ClickOnce Security
I implemented some code to do it manually:
using System.Security.Principal;
public bool IsUserAdministrator()
{
bool isAdmin;
try
{
WindowsIdentity user = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(user);
isAdmin = principal.IsInRole(WindowsBuiltInRole.Administrator);
}
catch (UnauthorizedAccessException ex)
{
isAdmin = false;
}
catch (Exception ex)
{
isAdmin = false;
}
return isAdmin;
}
You can embed a manifest file in the EXE file, which will cause Windows (7 or higher) to always run the program as an administrator.
You can find more details in Step 6: Create and Embed an Application Manifest (UAC) (MSDN).
While working on Visual Studio 2008, right click on Project -> Add New Item and then chose Application Manifest File.
In the manifest file, you will find the tag requestedExecutionLevel, and you may set the level to three values:
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
OR
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
OR
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
To set your application to run as administrator, you have to chose the middle one.
Another way of doing this, in code only, is to detect if the process is running as admin like in the answer by #NG.. And then open the application again and close the current one.
I use this code when an application only needs admin privileges when run under certain conditions, such as when installing itself as a service. So it doesn't need to run as admin all the time like the other answers force it too.
Note in the below code NeedsToRunAsAdmin is a method that detects if under current conditions admin privileges are required. If this returns false the code will not elevate itself. This is a major advantage of this approach over the others.
Although this code has the advantages stated above, it does need to re-launch itself as a new process which isn't always what you want.
private static void Main(string[] args)
{
if (NeedsToRunAsAdmin() && !IsRunAsAdmin())
{
ProcessStartInfo proc = new ProcessStartInfo();
proc.UseShellExecute = true;
proc.WorkingDirectory = Environment.CurrentDirectory;
proc.FileName = Assembly.GetEntryAssembly().CodeBase;
foreach (string arg in args)
{
proc.Arguments += String.Format("\"{0}\" ", arg);
}
proc.Verb = "runas";
try
{
Process.Start(proc);
}
catch
{
Console.WriteLine("This application requires elevated credentials in order to operate correctly!");
}
}
else
{
//Normal program logic...
}
}
private static bool IsRunAsAdmin()
{
WindowsIdentity id = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(id);
return principal.IsInRole(WindowsBuiltInRole.Administrator);
}
As per
<requestedExecutionLevel level="highestAvailable" uiAccess="false" />
you will want to add an application manifest if you don't already have one or don't know how to add one. As some projects don't automatically add a separate manifest file, first go to project properties, navigate to the Application tab and check to make sure your project is not excluding the manifest at the bottom of the tap.
Next, right click project
Add new Item
Last, find and click Application Manifest File
In Visual Studio 2010 right click your project name.
Hit "View Windows Settings", this generates and opens a file called "app.manifest".
Within this file replace "asInvoker" with "requireAdministrator" as explained in the commented sections within the file.
You can create the manifest using ClickOnce Security Settings, and then disable it:
Right click on the Project -> Properties -> Security -> Enable ClickOnce Security Settings
After you clicked it, a file will be created under the Project's properties folder called app.manifest once this is created, you can uncheck the Enable ClickOnce Security Settings option
Open that file and change this line :
<requestedExecutionLevel level="asInvoker" uiAccess="false" />
to:
<requestedExecutionLevel level="requireAdministrator" uiAccess="false" />
This will make the program require administrator privileges.
In case you want a code-only solution for some reason, here's a standalone class file. Just call "AdminRelauncher.RelaunchIfNotAdmin()" at application start:
using System;
using System.Diagnostics;
using System.Reflection;
using System.Security.Principal;
public static class AdminRelauncher
{
public static void RelaunchIfNotAdmin()
{
if (!RunningAsAdmin())
{
Console.WriteLine("Running as admin required!");
ProcessStartInfo proc = new ProcessStartInfo();
proc.UseShellExecute = true;
proc.WorkingDirectory = Environment.CurrentDirectory;
proc.FileName = Assembly.GetEntryAssembly().CodeBase;
proc.Verb = "runas";
try
{
Process.Start(proc);
Environment.Exit(0);
}
catch (Exception ex)
{
Console.WriteLine("This program must be run as an administrator! \n\n" + ex.ToString());
Environment.Exit(0);
}
}
}
private static bool RunningAsAdmin()
{
WindowsIdentity id = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(id);
return principal.IsInRole(WindowsBuiltInRole.Administrator);
}
}
THIS DOES NOT FORCE APPLICATION TO WORK AS ADMINISTRATOR.
This is a simplified version of the this answer, above by #NG
public bool IsUserAdministrator()
{
try
{
WindowsIdentity user = WindowsIdentity.GetCurrent();
WindowsPrincipal principal = new WindowsPrincipal(user);
return principal.IsInRole(WindowsBuiltInRole.Administrator);
}
catch
{
return false;
}
}