3

I am trying to run my c# exe as an system account. How can I do that. I've tried <requestedExecutionlevel level="requireAdministrator"> and <requestedExecutionlevel level="requireSystem"> The administrator is working but the second one is not working.

Please help me how can I do this.

  • This thread may help you out as well: http://stackoverflow.com/questions/2818179/how-to-force-my-net-app-to-run-as-administrator-on-windows-7 – mwilson Dec 10 '15 at 06:24
  • @mwilson Yes I've tried it and its working. But I want it to be run using SYSTEM. Like if I go to taskbar details it should show SYSTEM as username of exe. –  Dec 10 '15 at 06:29
  • Out of curiosity, what are you trying to do that your executable requires SYSTEM privileges instead of just Administrator privileges? – Scott Chamberlain Dec 10 '15 at 06:53
  • @ScottChamberlain I need to create an exe using c# that will run as a system account for example armsvc.exe of adobe runs as a system account. –  Dec 10 '15 at 13:23
  • Your last comment did not answer my question, your answer to "*Why do you need to run as SYSTEM?*" was "*I need to create an exe using c# that will run as a system account*" then you gave me a example of some other app that does it. Also `armsvc.exe` is running as a windows service, it is not a program you can just double click on and run. Are you writing a windows service? If you are not writing a service **why** does **your program** need to run as SYSTEM? – Scott Chamberlain Dec 10 '15 at 17:44
  • You just made up `requireSystem` didn't you – David Heffernan Dec 19 '15 at 09:03
  • @DavidHeffernan No I didn't. Just go to your service installer and set account type as Local system. now start your service simply –  Dec 19 '15 at 09:14
  • No. You made it up. Where is that documented as a `requestedExecutionlevel`? – David Heffernan Dec 19 '15 at 09:47
  • @DavidHeffernan Not got you concern please be specific –  Dec 19 '15 at 11:34
  • Never mind. It's all there if you want it. – David Heffernan Dec 19 '15 at 11:58

3 Answers3

7

To the best of my knowledge you can not force your app to run as SYSTEM. Either your app must be a service and the service is setup to run as System or you must use a tool like PsExec to launch your executable as system.

psexec.exe -i -s YourProgram.exe

When using requestedExecutionlevel the only 3 valid options are

  • requireAdministrator - prompt for UAC always (even if the user is not an administrator).
  • asInvoker - never prompt for UAC.
  • highestAvailable - prompt for UAC if the user is a member of the Administrators group but do not prompt and run as a normal user if the user is not a member of the group.
Scott Chamberlain
  • 124,994
  • 33
  • 282
  • 431
2

It's not directly possible. There are hacky ways if you are an administrator (like getting the security token from an already running service or something), but I far from recommend using those.

The point of the SYSTEM account is precisely that: that it's only run directly by the system.

If you want an easy-hacky-way without third-party tools (like psexec), you could set up a ONEEVENT scheduled task (with schtasks, which is part of the OS), which can indeed run with the system account. This would still need two processes (although it could be the same exe with different command line parameters for the task and for setting it up), but it'd work.

Jcl
  • 27,696
  • 5
  • 61
  • 92
0

I know i am waaaay (7 years) late but this is what i found works. This peace of code basically runs the program specified as system user.

ProcessStartInfo startInfo = new ProcessStartInfo
    {
        FileName = "schtasks.exe",
        Arguments = $"/Create /RU \"NT AUTHORITY\\SYSTEM\" /RL HIGHEST /SC ONCE /TN MyTask /TR \"{program} {programArgs}\" /ST {DateTime.Now.AddSeconds(5):HH:mm:ss} /F",
        Verb = "runas", // Run the process as an administrator
        CreateNoWindow = false,
        UseShellExecute = false
    };

    Process process = Process.Start(startInfo);
    process.WaitForExit();
    Console.WriteLine(process.ExitCode);

    startInfo = new ProcessStartInfo
    {
        FileName = "schtasks.exe",
        Arguments = $"/Run /TN MyTask",
        Verb = "runas", // Run the process as an administrator
        CreateNoWindow = true,
        UseShellExecute = false
    };

    process = Process.Start(startInfo);
    process.WaitForExit();
    Console.WriteLine(process.ExitCode);

    startInfo = new ProcessStartInfo
    {
        FileName = "schtasks.exe",
        Arguments = $"/Delete /TN MyTask /F",
        Verb = "runas", // Run the process as an administrator
        CreateNoWindow = true,
        UseShellExecute = false
    };
    process = Process.Start(startInfo);
    process.WaitForExit();
    Console.WriteLine(process.ExitCode);

    Console.ReadLine();

This code will execute any program with any args as nt authority\system. Keep in mind it is incompatible with window display (will allways run in the background). We can verify if this works by defining a cmd to run, that creates a file with the output of "whoami":

string program = Environment.GetEnvironmentVariable("ComSpec"); // Path to cmd.exe
string programArgs = $"/C whoami > \"C:\\Users\\{Enviroment.UserName}\\Desktop\\text.txt\"";

You can now find your text.txt file on your desktop with the text nt authority\system in it

Boso Yolo
  • 5
  • 3