.NET application to run from network without UAC
Question
We have a .NET application (C#, 2.0) which is placed on a network share and is executed via a Batch file on the user's PC.
Right now the users have admin access on their PC and when the UAC popup prompts the user can accept it and the application will run fine.
Our IT team has decided to remove Admin access from the local PC. With this change, our application will not work anymore. We cannot install the application on all PCs because we wish to avoid additional footprint on the PC + we have a lack of an update process.
Are there any options to run from network without UAC popup? Will Clickonce work for .NET 2.0 applications too?
5 answers
solution1
0 2013-12-10 10:25:44
Will Clickonce work for .NET 2.0 applications too? yes it's supported ClickOnce is a component of Microsoft .NET Framework 2.0 an later but this will not solve your admin issue it just create self-updating Windows-based applications that can be installed and run with minimal user interaction.
solution2
0 2013-12-10 10:27:34
According to MSDN ClickOnce should work with .NET 2.0
Please keep in mind that while a ClickOnce deployment to a network share is appropriate in this case and will not need administrative privileges for installation it will not solve any administrative problems you may have inside your program.
solution3
0 2013-12-10 10:47:49
Clickonce allows you to run without UAC, and installation. Its a good technology and is the basis for Chrome's update systems, amongst others. There are two options: installed, and run once. See this link: http://msdn.microsoft.com/en-us/library/71baz9ah(v=vs.80).aspx (.Net 2.0 info)
There is some great information on Chrome's installer here (including the Omaha stuff)
How does Google Chrome manage to execute installation automatically after download?
solution4
0 2013-12-10 10:57:46
Unless you need administrative privileges for your .net programm you can try this:
- Run your program vom command prompt using runas. You'll need a password.
- Remove the UAC restriction from your program and make sure that the critical parts of you programm are executed with sufficent rights. This can be done by using Impersonatation. You have to provide a user/password but this will be compiled in the code.
solution5
0 2013-12-10 11:10:02
By design, every code running from a network share, isn't applied with the Full Trust policy. You have different policies if you run it from a network share where you have an IP address (\\192.168.0.1\\SharedFolder\\Application.exe) instead of the machine name (\\Server1\\SharedFolder\\Application.exe)
To solve this type of issue, You should use CAS (Code Access Security) http://en.wikipedia.org/wiki/Code_Access_Security
Summing up, you can sign your code (application, assembly, etc) with a certificate. Then, your IT Support team, can configure in the machines that will run the code, that every code signed with that certificate, have an policy with a special set of permissions (access to HTTP, SQL Server, etc). This way, you won't have any problem running your application from a network share. And if you need to share the same policy in different applications, you just need to sign them with the same certificate.
You can find a better explanation of ir here What is Code Access Security in .NET
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.