Results 1 to 9 of 9

Thread: Running app as Admin.

  1. #1

    Thread Starter
    Big D Danial's Avatar
    Join Date
    Jul 2000
    Location
    ASP.Net Forum
    Posts
    2,877

    Running app as Admin.

    Hi,
    I have some tools which runs in the bacground and carry out administrative task.

    I am running my utility in all XP machines and Limited user environment. Now my utility needs to modify/add/delete certain registry keys/values. Since the application is running from the Limited user account my utility is prevented from modifying the registry. I dont want to give the users the abilit to modify registry manually only my utility.

    Is there any way to Impersonate or run an utility with Admin priviliages?

    Thanks.
    [VBF RSS Feed]

    There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.

    If I have been helpful, Please Rate my Post. Thanks.

    This post was powered by :

  2. #2
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709
    This example will solve your problem.
    VB Code:
    1. Private Const LOGON_WITH_PROFILE = &H1&
    2. Private Const LOGON_NETCREDENTIALS_ONLY = &H2&
    3. Private Const CREATE_DEFAULT_ERROR_MODE = &H4000000
    4. Private Const CREATE_NEW_CONSOLE = &H10&
    5. Private Const CREATE_NEW_PROCESS_GROUP = &H200&
    6. Private Const CREATE_SEPARATE_WOW_VDM = &H800&
    7. Private Const CREATE_SUSPENDED = &H4&
    8. Private Const CREATE_UNICODE_ENVIRONMENT = &H400&
    9. Private Const ABOVE_NORMAL_PRIORITY_CLASS = &H8000&
    10. Private Const BELOW_NORMAL_PRIORITY_CLASS = &H4000&
    11. Private Const HIGH_PRIORITY_CLASS = &H80&
    12. Private Const IDLE_PRIORITY_CLASS = &H40&
    13. Private Const NORMAL_PRIORITY_CLASS = &H20&
    14. Private Const REALTIME_PRIORITY_CLASS = &H100&
    15.  
    16. Private Type PROCESS_INFORMATION
    17.     hProcess As Long
    18.     hThread As Long
    19.     dwProcessId As Long
    20.     dwThreadId As Long
    21. End Type
    22.  
    23. Private Type STARTUPINFO
    24.     cb As Long
    25.     lpReserved As Long
    26.     lpDesktop As Long
    27.     lpTitle As Long
    28.     dwX As Long
    29.     dwY As Long
    30.     dwXSize As Long
    31.     dwYSize As Long
    32.     dwXCountChars As Long
    33.     dwYCountChars As Long
    34.     dwFillAttribute As Long
    35.     dwFlags As Long
    36.     wShowWindow As Integer
    37.     cbReserved2 As Integer
    38.     lpReserved2 As Byte
    39.     hStdInput As Long
    40.     hStdOutput As Long
    41.     hStdError As Long
    42. End Type
    43.  
    44. Private Declare Function CreateProcessWithLogon Lib "Advapi32" Alias "CreateProcessWithLogonW" _
    45. (ByVal lpUsername As Long, ByVal lpDomain As Long, ByVal lpPassword As Long, ByVal dwLogonFlags As Long, _
    46. ByVal lpApplicationName As Long, ByVal lpCommandLine As Long, ByVal dwCreationFlags As Long, ByVal lpEnvironment As Long, _
    47. ByVal lpCurrentDirectory As Long, lpStartupInfo As STARTUPINFO, lpProcessInfo As PROCESS_INFORMATION) As Long
    48.  
    49. Private Declare Function CloseHandle Lib "kernel32" (ByVal hObject As Long) As Long
    50.  
    51. Private Sub Form_Load()
    52.     Dim lpUsername As String, lpDomain As String, lpPassword As String, lpApplicationName As String
    53.     Dim lpCommandLine As String, lpCurrentDirectory As String
    54.     Dim StartInfo As STARTUPINFO, ProcessInfo As PROCESS_INFORMATION
    55.     lpUsername = "OtherUser"
    56.     lpDomain = ""
    57.     lpPassword = "other_user_password"
    58.     lpApplicationName = "C:\WINNT\NOTEPAD.EXE"
    59.     lpCommandLine = vbNullString 'use the same as lpApplicationName
    60.     lpCurrentDirectory = vbNullString 'use standard directory
    61.     StartInfo.cb = LenB(StartInfo) 'initialize structure
    62.     StartInfo.dwFlags = 0&
    63.     CreateProcessWithLogon StrPtr(lpUsername), StrPtr(lpDomain), StrPtr(lpPassword), LOGON_WITH_PROFILE, _
    64.     StrPtr(lpApplicationName), StrPtr(lpCommandLine), CREATE_DEFAULT_ERROR_MODE Or CREATE_NEW_CONSOLE Or _
    65.     CREATE_NEW_PROCESS_GROUP, ByVal 0&, StrPtr(lpCurrentDirectory), StartInfo, ProcessInfo
    66.     CloseHandle ProcessInfo.hThread 'close the handle to the main thread, since we don't use it
    67.     CloseHandle ProcessInfo.hProcess 'close the handle to the process, since we don't use it
    68.     'note that closing the handles of the main thread and the process do not terminate the process
    69.     'unload this application
    70.     Unload Me
    71. End Sub
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  3. #3

    Thread Starter
    Big D Danial's Avatar
    Join Date
    Jul 2000
    Location
    ASP.Net Forum
    Posts
    2,877
    Thanks Rob for your quicky reply. I will try it out and let you.

    Cheers.

    Danial
    [VBF RSS Feed]

    There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.

    If I have been helpful, Please Rate my Post. Thanks.

    This post was powered by :

  4. #4
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709
    No prob. I was just re-formatting the post so it wouldn't be so wide.
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  5. #5

    Thread Starter
    Big D Danial's Avatar
    Join Date
    Jul 2000
    Location
    ASP.Net Forum
    Posts
    2,877
    Rob,
    Just skimmed through your code, it seems like I would need to provide admin password. I could make the admin provide their password when the run this first time and store the encrypted password.

    I am a bit concenered about the security issues regarding storing Admin password even though I will encrypt it.

    Is this the only way or there are other methods which i can use to modify registry value from a limited user account?
    [VBF RSS Feed]

    There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.

    If I have been helpful, Please Rate my Post. Thanks.

    This post was powered by :

  6. #6
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709
    There is a CreateProcessAsUser API, but I dont have an example.
    I assume you would still need a username and password. What
    about hardcoding it? I know its not usually a good idea but then it
    wont be exposed except to your programmers.
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  7. #7

    Thread Starter
    Big D Danial's Avatar
    Join Date
    Jul 2000
    Location
    ASP.Net Forum
    Posts
    2,877
    Originally posted by RobDog888
    There is a CreateProcessAsUser API, but I dont have an example.
    I assume you would still need a username and password. What
    about hardcoding it? I know its not usually a good idea but then it
    wont be exposed except to your programmers.

    Looked up the Reference for CreateProcessAsUser API, you would need to create token for which you would need to authenticate using password.

    I guess it makes sense other wise any process can run as admin and cause havoc. Just want to make sure its not possible.

    Haradcoding is not an option since I wont know the Admin password in advance. I guess I will have to ask the Admin password during installation and some how store it safely(I have got few ideas already).

    Thanks again.
    [VBF RSS Feed]

    There is a great war coming. Are you sure you are on the right side? Atleast I have chosen a side.

    If I have been helpful, Please Rate my Post. Thanks.

    This post was powered by :

  8. #8
    Ex-Super Mod RobDog888's Avatar
    Join Date
    Apr 2001
    Location
    LA, Calif. Raiders #1 AKA:Gangsta Yoda™
    Posts
    60,709
    No prob. Probably encrypting in the registry would be good,
    but if you cant get into the registry to read the credientials then
    the point it mute.
    VB/Office Guru™ (AKA: Gangsta Yoda®)
    I dont answer coding questions via PM. Please post a thread in the appropriate forum.

    Microsoft MVP 2006-2011
    Office Development FAQ (C#, VB.NET, VB 6, VBA)
    Senior Jedi Software Engineer MCP (VB 6 & .NET), BSEE, CET
    If a post has helped you then Please Rate it!
    Reps & Rating PostsVS.NET on Vista Multiple .NET Framework Versions Office Primary Interop AssembliesVB/Office Guru™ Word SpellChecker™.NETVB/Office Guru™ Word SpellChecker™ VB6VB.NET Attributes Ex.Outlook Global Address ListAPI Viewer utility.NET API Viewer Utility
    System: Intel i7 6850K, Geforce GTX1060, Samsung M.2 1 TB & SATA 500 GB, 32 GBs DDR4 3300 Quad Channel RAM, 2 Viewsonic 24" LCDs, Windows 10, Office 2016, VS 2019, VB6 SP6

  9. #9
    PowerPoster Dave Sell's Avatar
    Join Date
    Mar 2004
    Location
    /dev/null
    Posts
    2,961
    He should be able to READ from the registry, just not WRITE to it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width