0

I'm trying to write an application that runs the Draytek VPN client as another user as I don't want the user to have an admin password and their account is a standard user. However I can't get it working due to errors in both implementations I've tried.

Here is some sample code I've tried:

System.Security.SecureString ss = new System.Security.SecureString();
foreach (var c in "password")
{
    ss.AppendChar(c);
}

Process process = new Process();
process.StartInfo.UseShellExecute = true;
process.StartInfo.WorkingDirectory = "c:\\";
process.StartInfo.FileName = @"C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe";
process.StartInfo.Verb = "runas";
process.StartInfo.UserName = "testUser";
process.StartInfo.Password = ss;
process.StartInfo.UseShellExecute = false;
process.Start();

I get the error: The requested operation requires elevation.

I have also tried Impersonation using the code in the question, Impersonating a Windows user. My implementation of the call is below:

  using ( new Impersonator( "testUser", "", "password" ) )
  {

      Process process = new Process();
      process.StartInfo.UseShellExecute = true;
      process.StartInfo.WorkingDirectory = "c:\\";
      process.StartInfo.FileName = @"C:\Program Files (x86)\DrayTek\Smart VPN Client\SmartVPNClient.exe";
      process.StartInfo.Verb = "runas";
      process.Start();
  }

However the error from running the above code is Unknown error (0xfffffffe).

I can provide more error details if required.

Community
  • 1
  • 1
David Hawkins
  • 1,049
  • 1
  • 10
  • 30

1 Answers1

0

Regarding the first approach:

The fact that you are getting the "The requested operation requires elevation" meesage means that either the user currently running your application is not running as an administrator or the Draytek VPN Client needs elevation in order to run properly.

I made the following changes to your code:

  1. Removed the line process.StartInfo.Verb = "runas"; which is not needed.
  2. Changed the filename to a test console application instead of Draytek VPN Client).

and tested it as follows:

Windows 7

  • Logged in as an administrator with UAC enabled at Default level
  • Logged in as a limited user with UAC enabled at Default level

Windows XP

  • Logged in as an administrator
  • Logged in as a limited user

All tests worked. In the Task Manager I could see the test console running under the correct account.

Here's the code I used to run the tests:

static void Main(string[] args)
        {
            Console.Write("User name:");
            string user = Console.ReadLine();
            Console.Write("Password:");
            string password = Console.ReadLine();
            Console.Write("File name:");
            string fileName = Console.ReadLine();

            System.Security.SecureString ss = new System.Security.SecureString();
            foreach (var c in password)
            {
                ss.AppendChar(c);
            }

            Process process = new Process();
            process.StartInfo.UseShellExecute = true;
            process.StartInfo.WorkingDirectory = "c:\\";
            process.StartInfo.FileName = fileName;
            process.StartInfo.Verb = "runas";
            process.StartInfo.UserName = user;
            process.StartInfo.Password = ss;
            process.StartInfo.UseShellExecute = false;
            process.Start();

            Console.ReadKey();
        }

Have you tried running another application instead of Draytek VPN Client as a test?

Panos Rontogiannis
  • 4,154
  • 1
  • 24
  • 29