0

I'm traying to execute a Powershell script through C# with administrator privilege.

I've tryied in many ways but with no results.

The best I can do is start a process (System.Diagnostics.Process.Start(p)) with runas Verb. This way, if the user that execute the service is an administrator, I can run my powershell script.

But, what i need is to execute the service with a low privilege user, and, when needed, "login" with the administrator and execute the powershell script.

I've tryied to Impersonate the administrator, but it didn't worked...

The answer Execute PowerShell as an administrator from C# didn't solve the problem, I still can't run my script. The answers are from 2009, i hope someone had solved this kind of issue in the meantime.

        // powershell script execution
        var processInfo = new System.Diagnostics.ProcessStartInfo
        {
            Verb = "runas",
            LoadUserProfile = true,
            FileName = "powershell.exe",
            Arguments = scriptPath,
            RedirectStandardOutput = true,
            UseShellExecute = false
        };

        var p = System.Diagnostics.Process.Start(processInfo);
Improve this question
6
  • 1
    Possible duplicate of Execute PowerShell as an administrator from C# Commented Sep 10, 2018 at 13:24
  • Sadly that answer didn't help. The impersonator suggested is the one that i used in my code. Commented Sep 10, 2018 at 13:32
  • 1
    You can't automatically elevate without provoking the UAC prompt, if that's what you are asking. Commented Sep 10, 2018 at 15:40
  • “The best I can do is start a process (System.Diagnostics.Process.Start(p)) with runas Verb. This way, if the user that execute the service is an administrator, I can run my powershell script.” What is the "service" there? Since you use runas verb, the second process (likely PowerShell) should trigger a UAC prompt when launched by Windows, which is the standard way to request administrator permissions. Commented Sep 10, 2018 at 19:00
  • @LexLi the "service" is a classic windows service, i've changed the running user to a custom user for sql authentication. The runas verb doesn't trigger the UAC prompt. With the default "Local System" user as the log on user, my power shell script work perfectly. Commented Sep 11, 2018 at 6:52

1 Answer 1

Reset to default
1

Impersonation should work. However, I usually avoid it as I don't like storing user credentials if I don't have to.

I ran into a need for something similar to this in an application I'm working on. The app runs in IIS and most of the time doesn't need (and shouldn't have) full administrator access. To deal with this scenario, I have a separate application running (a windows service) that has full admin privileges. It accepts request from the IIS application and executes the appropriate administrative function.

My IIS app and Windows Service talk over AMQP (with RabbitMQ). However, you could easily use whatever communication channel you prefer - HTTP, TCP, or even just create a file and have the admin application look for the file.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.