C＃Process。从另一个在Windows 8/10中不工作的用户开始

Question

I have program where i start USMT (load or scanstate) with a domain user that gives administrative privileges on the local computer. This is working perfectly fine in Windows 7.

The program needs to start as a non administrator user, but executing load/scanstate with administrator privileges.

However it fails when running load/scanstate properly becouse its not elevated currectly. But how can i overcome this, without having administrative rights?

Best Regards Thomas Nissen

        ProcessStartInfo restoreProcessInfo = new ProcessStartInfo
        {
            Verb = "runas",
            UseShellExecute = false,
            Domain = strAdminDomain,
            UserName = strAdminUsername,
            Password = strAdminPassword,
            FileName = loadstate.exe",
            Arguments = "blablabla"
        }

Answer 1

As far as I am aware, the "runas" Verb (any Verb, really) is only respected when UseShellExecute is set to true. Try setting UseShellExecute to true while hiding the shell window using the WindowStyle property instead.

This will, however, prevent you from capturing input and output streams from the process. Is that something you are interested in doing?

Answer 2

you can impersonate the user. Impersonation is the ability of a thread to execute using different security information than the process that owns the thread.

Check this thread for how to implement impersonation. So the process will be initially executed with windows domain user's privilege and logic that's is placed within the impersonation block will be executed with with impersonated user's privilege.

//Code outside the impersonation block will be executed with current user privilege

Using(Impersonator impersonator = new Impersonator())
{
  //Code written within this block will be executed with elevated(impersonated) user privilege.
}