Run a batch file as administrator from an standard account in C#

Question

Run a batch file as administrator from an standard account in C#

I am developing an application that needs to run a batch file with administrator privileges from a normal person account. It all works fine when I am logged on to the computers administrator account but not in the "test account" without admin privileges. I do get all the information required from my App.config file to log on to the administrator account.

My first try has been to run the process as a ceratin user (the admin user) with StartInfo. But if I run the process with

p.StartInfo.Verb = "runas";

then I need to set

p.StartInfo.UseShellExecute = true;

to true for runas to work. But if I do so, I get this exception:

System.InvalidOperationException: The Process object must have the UseShellExecute property set to false in order to start a process as a user.

I change the UseShellExecute to false, but then I cant run it with "runas", and it starts the process without admin priviledges. runas only works if the Value of UseShellExecute is set to true.

Code for this solution:

string domain = config.AppSettings.Settings["domain"].Value;
string user = config.AppSettings.Settings["user"].Value;
string password = config.AppSettings.Settings["password"].Value;

try
{

        Process p = new Process();

        p.StartInfo.FileName = installationPath;
        p.StartInfo.Verb = "runas";

        System.Security.SecureString ssPwd = new System.Security.SecureString();
        for (int x = 0; x < password.Length; x++)
        {
            ssPwd.AppendChar(password[x]);
        }

        p.StartInfo.UseShellExecute = false;
        p.StartInfo.UserName = user;
        p.StartInfo.Password = ssPwd;

        p.Start();

        cmdRun.Enabled = false;

        p.WaitForExit();

}
        catch (Exception exc)
{

    Debug.WriteLine(exc);

}

My second option has been to use Impersonation. I log on, in the code, as an administrator user and then run the process. It all works out fine to log on and I tried to print the WindowsIdentity.CurrentUser() and it showed the name of the computers administrator user. Which means that the impersonation works. But when I run the code with UseShellExecute as true (necessary to run "runas") I get this exception:

A first chance exception of type 'System.ComponentModel.Win32Exception' occurred in System.dll
System.ComponentModel.Win32Exception: Unknown error (0xfffffffe)
   at System.Diagnostics.Process.StartWithShellExecuteEx(ProcessStartInfo startInfo)
   at System.Diagnostics.Process.Start()

And if I run it with UseShellExecute as false, nothing happens, no exception but allso no installation. Since it cant use runas with UseShellExecute as false.

Code for this solution:

string domain = config.AppSettings.Settings["domain"].Value;
string user = config.AppSettings.Settings["user"].Value;
string password = config.AppSettings.Settings["password"].Value;

using (new Impersonation(domain, user, password))
{

    try
    {

        Process p = new Process();

        p.StartInfo.FileName = installationPath;
        p.StartInfo.Verb = "runas";
        p.StartInfo.UseShellExecute = true;

        p.Start();

        cmdRun.Enabled = false;

        p.WaitForExit();

    }
    catch (Exception exc)
    {

        Debug.WriteLine(exc);

    }
}

All I want is to run the batch file as administrator and, preferably, allso disable the UAC. Just a smooth installation for the user. How can I achieve that?

c#

windows

batch-file

asked on Stack Overflow Sep 13, 2016 by

3DPALM • edited Sep 13, 2016 by

3DPALM

1 Answer

The way I "trick" the UAC, is that you create the batch file, and create a scheduled task to run it with highest priviliges (with no active schedule) Then you can run the schedules task from another batch file - thus totally avoiding the UAC.

Will just find an example and update

Edit: I can't find the example I am using, but here is a link that describes the technique http://www.techrepublic.com/blog/windows-and-office/run-uac-restricted-programs-without-the-uac-prompt/

Edit two: In my case I use it to start TeamViewer after the computer has started, using vbscript, but the procedure should be the same: I created a Scheduled Task with "Run with highest priviliges" called TeamViewStartDelayedUAC in the folder UACWhiteList, and then I run the command

runLine = "C:\Windows\System32\schtasks.exe /RUN /TN ""UACWhitelis\TeamViewStartDelayedUAC"""

DIM MyShell
Set MyShell = CreateObject("WScript.Shell")

MyShell.Run runLine,1,false

answered on Stack Overflow Sep 13, 2016 by

jonbdk • edited Sep 13, 2016 by

jonbdk

User contributions licensed under CC BY-SA 3.0