5

I have a C# app that needs to allow the user to change the Computer Name. This is a pretty privileged operation. I can only get it to work if the user runs the app as Administrator (Windows 7, right-click on executable, "Run as Administrator"). Fine, but the user IS an administrator, so why would they need to Run AS an Administrator? I've tried this several times. It always fails if the user--an administrator--tries to do it running the application normally. It always works if they run it as "Run as Administrator".

If the answer is, "It just works that way, you have to run as admin even if you are an admin," my question is how can I detect if they are running with super-duper admin privileges? I found this, but it just checks to see if the user is part of the Administrator user group which, I already pointed out, isn't sufficient (and throws a null pointer exception).

Am I missing something here? Do I need to approach it from another angle?

Frecklefoot
  • Sounds like a UAC thing. This post may help: http://serverfault.com/questions/446521/run-application-under-administrator-when-uac-is-disabled – rsbarro Dec 04 '12 at 20:38
  • possible duplicate of [C#: Detect if running with elevated privileges?](http://stackoverflow.com/questions/1220213/c-detect-if-running-with-elevated-privileges)... check the first answer – spender Dec 04 '12 at 20:40
  • Thanks, spender, but I linked to that article in my comment and explained why it wasn't sufficient. I know, it looks like a dupe at first glance. ;) – Frecklefoot Dec 04 '12 at 20:43
  • Another option is to mark the executable as requiring elevation at compile time. I'll dig out a link.... http://www.aneef.net/2009/06/29/request-uac-elevation-for-net-application-managed-code/ – spender Dec 04 '12 at 20:43
  • I don't know the technical background (or the direct answer to your question) but, in my former life as a support technician, I have found that certain apps and functions require that you are THE administrator instead of just being AN administrator (i.e. in the Administrators group). – Dan Norton Dec 04 '12 at 20:51
  • This is how Windows Vista and later work by default: a process does not get administrator privileges unless an administrator _explicitly_ grants them. – Joel Coehoorn Dec 04 '12 at 21:00
  • Thanks to all comments. The link from Spender had what I needed. Got it working now. – Frecklefoot Dec 04 '12 at 21:30
  • I'm pretty sure that link doesn't have what you need. What you need is a requireAdministrator app manifest. Or is that what you did? – David Heffernan Dec 04 '12 at 21:41
  • The article discusses how to create the manifest and that's what I did. This is the link I was talking about: http://www.aneef.net/2009/06/29/request-uac-elevation-for-net-application-managed-code/ – Frecklefoot Dec 04 '12 at 21:46
  • OK, I see. I looked at the other link! Running the entire app elevated will work, but you may choose to refine your strategy in time to run elevated only those parts of the app that really need elevation. – David Heffernan Dec 04 '12 at 21:53

1 Answer

11

It's because of User Account Control (UAC). Introduced in Vista, this changes the way administrator user accounts operate.

When a user from the administrator group logs on, the user is allocated two tokens: a token with all privileges, and a token with reduced privileges. When that user creates a new process, the process is by default handed the reduced privilege token. So, although the user has administrator rights, she does not exercise them by default. This is a "Good Thing"™.

To exercise those rights the user must start the process with elevated rights. For example, by using the "Run as administrator" verb. When she does this, the full token is handed to the new process and the full range of rights can be exercised.

You almost certainly don't want to be detecting whether or not your process is running elevated. Best practice is to mark those parts of your program that require elevation and force the system to show UAC elevation dialogs when those parts of the program execute.

The bind is that elevation can only happen at process start. So if you need to split your app into parts that require elevation, and parts that don't, there need to be multiple processes. Whilst you could mark your entire app as requiring elevation, you should not do so if the only thing that needs elevation is the very rare scenario where the computer name is to be changed.

Your next step is to bone up on the details over at MSDN. For example:

David Heffernan
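The split described in the answer above, as an added C# example that is not part of the original answer: a small helper executable that checks whether it holds the full token and, if not, relaunches itself with the "runas" verb so that only the rename runs elevated. The class name `RenameHelper`, the `--rename` switch and the name-validation rule are assumptions of this example.

```csharp
using System;
using System.ComponentModel;
using System.Diagnostics;
using System.Runtime.InteropServices;
using System.Security.Principal;
using System.Text.RegularExpressions;

static class RenameHelper   // hypothetical helper name
{
    // Win32 call that sets the new name; it takes effect after a reboot.
    [DllImport("kernel32.dll", SetLastError = true, CharSet = CharSet.Unicode)]
    static extern bool SetComputerNameEx(int nameType, string name);
    const int ComputerNamePhysicalDnsHostname = 5;

    // True only with the full token: in the reduced token the Administrators
    // group is deny-only, so IsInRole returns false for an unelevated admin.
    static bool IsElevated()
    {
        using (var identity = WindowsIdentity.GetCurrent())
            return new WindowsPrincipal(identity).IsInRole(WindowsBuiltInRole.Administrator);
    }

    static int Main(string[] args)
    {
        // "--rename" and the conservative name rule are assumptions of this sketch.
        if (args.Length != 2 || args[0] != "--rename" ||
            !Regex.IsMatch(args[1], @"\A[A-Za-z0-9-]{1,63}\z"))
            return 2;   // reject anything else before it reaches an elevated process
        if (IsElevated())
        {
            if (SetComputerNameEx(ComputerNamePhysicalDnsHostname, args[1])) return 0;
            Console.Error.WriteLine(new Win32Exception(Marshal.GetLastWin32Error()).Message);
            return 1;
        }
        // Elevation happens only at process start, so relaunch this helper with
        // the "runas" verb; Windows shows the UAC dialog for the new process.
        var psi = new ProcessStartInfo(Process.GetCurrentProcess().MainModule.FileName,
                                       "--rename " + args[1])
        { UseShellExecute = true, Verb = "runas" };
        try
        {
            using (var child = Process.Start(psi)) { child.WaitForExit(); return child.ExitCode; }
        }
        catch (Win32Exception ex)
        {
            if (ex.NativeErrorCode != 1223) throw;   // 1223 = ERROR_CANCELLED
            return 1;   // user declined elevation; nothing was changed
        }
    }
}
```

The main application stays unelevated and starts this helper only when the user asks to change the computer name, then reads its exit code.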