使用Process.Start作为本地管理员帐户启动单独的程序
[英]Launching separate program as a local admin account using Process.Start
问题描述
We have a piece of software used in our business that requires admin rights to run. 
我们在业务中使用了一款需要管理员权限才能运行的软件。 However the staff are not allowed access to accounts with admin rights. 但是,不允许员工访问具有管理员权限的帐户。 This is within a windows 7 environment. 这是在Windows 7环境中。
We have set-up a local admin accounts on the required computers through GPO. 我们已经通过GPO在所需的计算机上设置了本地管理员帐户。 The aim of the software I am creating to to launch the software that requires admin rights as this local admin account. 我要创建的软件的目标是启动需要管理员权限的软件作为此本地管理员帐户。
So far the software is working correctly in that it is launching the software as the account but it is still giving the errors that it gives when it does not have admin rights. 到目前为止,该软件可以正常运行,因为它以帐户身份启动该软件,但仍给出了它没有管理员权限时出现的错误。 If you right click and runas on the software and type in the account details manually it works fine. 如果右键单击该软件并在其上运行,并手动输入帐户详细信息,则可以正常运行。
SecureString pwd = new SecureString();
foreach (char c in "somepassword") { pwd.AppendChar(c); }
var psi = new ProcessStartInfo
{
FileName = location,
UserName = "localadminaccountname",
Domain = Environment.MachineName,
Password = pwd,
UseShellExecute = false,
Verb = "runas"
};
try
{
Process.Start(psi);
}
There is an exception catch statement with error reporting included with the code. 该代码中包含一个带有错误报告的异常捕获语句。 There are no exceptions thrown when Process.Start(psi) is called. 调用Process.Start(psi)时不会引发任何异常。 (Updated) (更新)
Thanks. 谢谢。
EDIT The company build of windows 7 has User Access Control set to "Never Notify" so no UAC pop-up is shown when Process.Start(psi) is called. 编辑 Windows 7的公司内部版本将用户访问控制设置为“从不通知”,因此在调用Process.Start(psi)时不会显示UAC弹出窗口。
2 个解决方案
解决方案1
0 2012-12-03 06:29:17
Have you tried setting 'Load user profile' true for the IIS app pool? 您是否尝试为IIS应用程序池设置“加载用户配置文件”为true? I had a similar situation. 我也有类似的情况。 This worked for me. 这对我有用。
Refer for more info: Security exceptions in ASP.NET and Load User Profile option in IIS 7.5 请参阅更多信息: ASP.NET中的安全异常和IIS 7.5中的“加载用户配置文件”选项
解决方案2
0 2012-01-27 13:53:39
If UAC is set to "Never Notify" then it is disabled - the user runs with the maximum set of privileges. 如果UAC设置为“从不通知”,则将其禁用-用户以最大权限集运行。
That means that if the user is an admin account, using the "runas" verb is unnecessary. 这意味着,如果用户是管理员帐户,则不需要使用“ runas”动词。 It also means that if the user is NOT an admin account, it's possible that your application may stil fail to work (because the user can't elevate and OTS (over-the-shoulder) elevation is disabled. 这也意味着,如果用户不是管理员帐户,则您的应用程序可能仍然无法正常工作(因为用户无法升高,并且OTS(过肩)升高)被禁用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.