471,354 Members | 1,199 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,354 software developers and data experts.

C# and administrator rights

Hello,
I would like to create an application which would run with administrator
rights when launched by a simple user. Is know the RunAs() command in SHELL,
but the password is still needed.

Isn't there a way, knowing the administrator's password, to
programmaticaly launch my application with those rights ?
Thank you.
Feb 3 '06 #1
2 17154

"Laurent" <mo********@free.fr> wrote in message
news:%2****************@TK2MSFTNGP15.phx.gbl...
Hello,
I would like to create an application which would run with
administrator rights when launched by a simple user. Is know the RunAs()
command in SHELL, but the password is still needed.

Isn't there a way, knowing the administrator's password, to
programmaticaly launch my application with those rights ?


How are you going to protect the admin password?

Perhaps you could use a normal program and an admin service to do the
(hopefully limited) restricted stuff.
Feb 3 '06 #2
I got this code from CodeProject but don't recall the project name. I
used this code because I needed to impersonate a specific user account
to start and stop a service on a remote machine. Perhaps it will help
you.

using System.Security.Principal;
using System.Runtime.InteropServices;
//the following code executed before you perform your task

if ( ! ImpersonationUtil.Impersonate( _userName, _password, _domain ) )

{
MessageBox.Show("Impersonation failed.");
return;
}

//Perform task as this user here...

//After your task, do this:
ImpersonationUtil.UnImpersonate();
Here is the code for the ImpersonationUtil class:

/// <summary>
/// Impersonate a windows logon.
/// </summary>
public class ImpersonationUtil {

/// <summary>
/// Impersonate given logon information.
/// </summary>
/// <param name="logon">Windows logon name.</param>
/// <param name="password">password</param>
/// <param name="domain">domain name</param>
/// <returns></returns>
public static bool Impersonate( string logon, string password, string
domain ) {
WindowsIdentity tempWindowsIdentity;
IntPtr token = IntPtr.Zero;
IntPtr tokenDuplicate = IntPtr.Zero;

if( LogonUser( logon, domain, password, LOGON32_LOGON_INTERACTIVE,
LOGON32_PROVIDER_DEFAULT, ref token) != 0 ) {

if ( DuplicateToken( token, 2, ref tokenDuplicate ) != 0 ) {
tempWindowsIdentity = new WindowsIdentity(tokenDuplicate);
impersonationContext = tempWindowsIdentity.Impersonate();
if ( null != impersonationContext ) return true;
}
}

return false;
}

/// <summary>
/// Unimpersonate.
/// </summary>
public static void UnImpersonate() {
impersonationContext.Undo();
}

[DllImport("advapi32.dll", CharSet=CharSet.Auto)]
public static extern int LogonUser(
string lpszUserName,
String lpszDomain,
String lpszPassword,
int dwLogonType,
int dwLogonProvider,
ref IntPtr phToken );

[DllImport("advapi32.dll",
CharSet=System.Runtime.InteropServices.CharSet.Aut o,
SetLastError=true)]
public extern static int DuplicateToken(
IntPtr hToken,
int impersonationLevel,
ref IntPtr hNewToken );

private const int LOGON32_LOGON_INTERACTIVE = 2;
private const int LOGON32_LOGON_NETWORK_CLEARTEXT = 4;
private const int LOGON32_PROVIDER_DEFAULT = 0;
private static WindowsImpersonationContext impersonationContext;
}

Feb 3 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

3 posts views Thread by ray well | last post: by
1 post views Thread by Jack Russell | last post: by
2 posts views Thread by bvlueberry | last post: by
5 posts views Thread by sawilla | last post: by
reply views Thread by XIAOLAOHU | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.