Launch CMD.exe in admin mode under another user context

Question

Would somebody be able to tell me if what I'm attempting is possible??

My Issue is on Windows 10 (on windows 7 the below works)

I'd like to programatically create a an instance of "CMD.exe" launched in Administration mode whereby I specify the details of the admin user when creating the CMD process.

My end result is always the same:

I can create the CMD.exe process
The owner of the process is the administrator account I created it under (i can see this via task manager)

but the CMD.exe doesn't launch in administration mode (and that's my problem)

Here's my code — any help is greatly appreciated (I've spent far too long looking at this"). Any other articles I've read indicate how to create the process as an administrator but not to run it in Admin mode on Windows 10)

ProcessStartInfo p = new ProcessStartInfo();

p.WorkingDirectory = @"C:\Windows\System32";
p.FileName = @"C:\Windows\System32\cmd.exe";

p.UserName = "myUser";
p.Domain = "myDomain";

char[] password = { 'm', 'y', 'p', 'a', 's', 's'};

SecureString adminpassword = new SecureString();
foreach (char c in password)
  {
      adminpassword.AppendChar(c);
  }

p.Password = adminpassword;
p.UseShellExecute = false;
p.Verb = "runas";
Process.Start(p);

You could try [my small little impersonator class](https://www.codeproject.com/Articles/10090/A-small-C-Class-for-impersonating-a-User). — Uwe Keim, Dec 23 '16 at 15:54
You have to use `LOGON32_LOGON_BATCH` to create an elevated token. Doesn't look like .NET exposes this option, you might have to resort to P/Invoke. See http://stackoverflow.com/a/21718198/886887 for a C++ version. — Harry Johnston, Dec 23 '16 at 23:35
Thanks for pointing me in the right direction Harry Johnson. I managed to get it working via Win32.LogonUser() and updating the calling users "Replace a process level token" privilege. This solution will suffice for now. — P_Fitz, Jan 03 '17 at 14:34

score 0 · Answer 1 · answered Dec 23 '16 at 15:38

0

Have you tried to add application manifest with:

<requestedExecutionLevel level="requireAdministrator" />

It seems to create a process as an administrator you need to be an administrator.

I'm sorry that I wrote here. I don't have enough reputation for comments.

answered Dec 23 '16 at 15:38

WhiteSnake

11
1

For what? For cmd? – Thomas Weller Dec 23 '16 at 15:49
No, for the project. – WhiteSnake Dec 23 '16 at 15:53
He only wants to launch CMD.exe under admin, not his own application. – Uwe Keim Dec 23 '16 at 15:56
I understand, but this approach solves his problem. I simply offer a variant. – WhiteSnake Dec 23 '16 at 16:01
I tried this but it prompts for a username / password when CMD is launched. I'm trying to avoid this scenario and have CMD launch in Admin mode automatically (note: in my code sample above I pass in the username / pwd details for my admin user). – P_Fitz Jan 03 '17 at 08:54

Launch CMD.exe in admin mode under another user context

1 Answers1